Malware Analysis Report

2024-10-10 11:06

Sample ID 240703-bl4hyatflp
Target 3cff6a1e7fa95cf00b28861d10e7bd5be38d753dd3ccc57b502f99c323c9aa4b.elf
SHA256 3cff6a1e7fa95cf00b28861d10e7bd5be38d753dd3ccc57b502f99c323c9aa4b
Tags
mirai mirai botnet upx
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

3cff6a1e7fa95cf00b28861d10e7bd5be38d753dd3ccc57b502f99c323c9aa4b

Threat Level: Known bad

The file 3cff6a1e7fa95cf00b28861d10e7bd5be38d753dd3ccc57b502f99c323c9aa4b.elf was found to be: Known bad.

Malicious Activity Summary

mirai mirai botnet upx

Mirai

UPX packed file

Reads runtime system information

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2024-07-03 01:14

Signatures

UPX packed file

upx
Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-07-03 01:14

Reported

2024-07-03 01:17

Platform

debian9-mipsbe-20240611-en

Max time kernel

0s

Command Line

[/tmp/3cff6a1e7fa95cf00b28861d10e7bd5be38d753dd3ccc57b502f99c323c9aa4b.elf]

Signatures

Mirai

botnet mirai

Reads runtime system information

Description Indicator Process Target
File opened for reading /proc/self/exe /tmp/3cff6a1e7fa95cf00b28861d10e7bd5be38d753dd3ccc57b502f99c323c9aa4b.elf N/A

Processes

/tmp/3cff6a1e7fa95cf00b28861d10e7bd5be38d753dd3ccc57b502f99c323c9aa4b.elf

[/tmp/3cff6a1e7fa95cf00b28861d10e7bd5be38d753dd3ccc57b502f99c323c9aa4b.elf]

Network

N/A

Files

memory/702-1-0x00400000-0x0045bfa0-memory.dmp