Analysis

  • max time kernel
    0s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240226-en
  • resource tags

    arch:armhf
    image:debian9-armhf-20240226-en
    kernel:4.9.0-13-armmp-lpae
    locale:en-us
    os:debian-9-armhf
    system
  • submitted
    24-04-2024 01:46

General

  • Target

    b15f5268a9c2aceb384fe82ed4df6801dc68f072f5373e72f7424884e9b4edde.elf

  • Size

    22KB

  • MD5

    058e08016104cfccdc217f93c4d3c28e

  • SHA1

    cfb55ab30b8459a04a5097da35c7d2fb8f609e89

  • SHA256

    b15f5268a9c2aceb384fe82ed4df6801dc68f072f5373e72f7424884e9b4edde

  • SHA512

    f10dd6450016a4be00877a932cc519dba9febb2377f8c8cbe621172f1881523fe984bf2c45de628db17bc1d3115f1811596660cd43a29440b929fa6762063a20

  • SSDEEP

    384:/wLipjSPrNEbcSCE0CWmJWtaI6/ZmZfij8TMvn6DOArh7qmdGUEpiaa/:oLcSPNvUZmZfijQMvnIOo9q3UELW

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

SORA

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

Processes

  • /tmp/b15f5268a9c2aceb384fe82ed4df6801dc68f072f5373e72f7424884e9b4edde.elf
      PID:662

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/662-1-0x00008000-0x0001df2c-memory.dmp