Malware Analysis Report

2025-06-15 19:38

Sample ID 240521-refrasge72
Target 21527dc4155ae2c33de86dbdc9ec39aad788a0bb01219a3eb6356d497ab2b65a.elf
SHA256 21527dc4155ae2c33de86dbdc9ec39aad788a0bb01219a3eb6356d497ab2b65a
Tags
mirai
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral4

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

21527dc4155ae2c33de86dbdc9ec39aad788a0bb01219a3eb6356d497ab2b65a

Threat Level: Known bad

The file 21527dc4155ae2c33de86dbdc9ec39aad788a0bb01219a3eb6356d497ab2b65a.elf was found to be: Known bad.

Malicious Activity Summary

mirai

Mirai family

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2024-05-21 14:06

Signatures

Mirai family

mirai

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-21 14:06

Reported

2024-05-21 14:06

Platform

ubuntu1804-amd64-20240508-en

Max time kernel

0s

Command Line

[/tmp/21527dc4155ae2c33de86dbdc9ec39aad788a0bb01219a3eb6356d497ab2b65a.elf]

Signatures

N/A

Processes

/tmp/21527dc4155ae2c33de86dbdc9ec39aad788a0bb01219a3eb6356d497ab2b65a.elf

[/tmp/21527dc4155ae2c33de86dbdc9ec39aad788a0bb01219a3eb6356d497ab2b65a.elf]

Network

N/A

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-05-21 14:06

Reported

2024-05-21 14:06

Platform

debian9-armhf-20240226-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A

Analysis: behavioral3

Detonation Overview

Submitted

2024-05-21 14:06

Reported

2024-05-21 14:06

Platform

debian9-mipsbe-20240226-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-05-21 14:06

Reported

2024-05-21 14:06

Platform

debian9-mipsel-20240226-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A