Analysis

  • max time kernel
    0s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240226-en
  • resource tags

    arch:armhf image:debian9-armhf-20240226-en kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system
  • submitted
    29-04-2024 21:32

General

  • Target

    SecuriteInfo.com.Linux.Siggen.9999.7539.11962.elf

  • Size

    31KB

  • MD5

    e82dd3ed8383adeb2179c03ee9ae0943

  • SHA1

    b664260e099431c66deee0b7dad9c145f17844f8

  • SHA256

    1448578c998948fa6435d5c34fb5cc776b349bed6c8153527fdcd3fd1c60b1d3

  • SHA512

    336025c569fe67f02e996726885000b2d148070625201d3e8467f1f661f9cbb87a520ebf65b5085f8deb35bb358e95a158768c3eee1db1c0a5d5a44037e84ce1

  • SSDEEP

    768:vkh3G0p3VzqHc5J/EgCus8OvW4uspFgv2NUvO6s3UozQa:vUWc39qHcTFs84ussA80zQa

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

SORA

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/SecuriteInfo.com.Linux.Siggen.9999.7539.11962.elf
    • Reads runtime system information
    PID:661

Network

MITRE ATT&CK Matrix

Downloads

  • memory/661-1-0x00008000-0x000267cc-memory.dmp