Analysis
-
max time kernel
0s -
platform
debian-9_armhf -
resource
debian9-armhf-20240226-en -
resource tags
arch:armhf image:debian9-armhf-20240226-en kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system -
submitted
24-04-2024 14:32
General
-
Target
d55941e5d6f8c8bf5247957509865002.elf
-
Size
50KB
-
MD5
d55941e5d6f8c8bf5247957509865002
-
SHA1
1384ccf60c0a75a4344172698ce6f28ab2aefd23
-
SHA256
7af4fe14d2e50e6bff038f368442f60b66ed7a4b0b0df7a7327e2c806084622d
-
SHA512
c60d8213e65d1d01120d99e5a5fa758b92861f211f70095b59440b32b0c38233664ef614d23934932eb53d2a14ea9f1c04334fcb0fd96b9fdf1fea36c707776c
-
SSDEEP
1536:uCoqsGR4eB3g0Vmh1IxIpC8JeL9VE8amFZP7R3J:Xoqs2Twh6P8JeLJ9ZP7R3J
Malware Config
Extracted
Family
mirai
Botnet
SORA
Signatures
-
Reads runtime system information 1 IoCs
Reads data from /proc virtual filesystem.
Processes:
d55941e5d6f8c8bf5247957509865002.elf
description: File opened for reading
ioc: /proc/self/exe
process: d55941e5d6f8c8bf5247957509865002.elf