Malware Analysis Report

2025-03-15 06:18

Sample ID 240704-bvp2xayejb
Target 56b63851e1d606ba452fcf37e740e8a1d719ea80105aeaaf1e829f7baebcfcf2.elf
SHA256 56b63851e1d606ba452fcf37e740e8a1d719ea80105aeaaf1e829f7baebcfcf2
Tags
upx mirai botnet
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

56b63851e1d606ba452fcf37e740e8a1d719ea80105aeaaf1e829f7baebcfcf2

Threat Level: Known bad

The file 56b63851e1d606ba452fcf37e740e8a1d719ea80105aeaaf1e829f7baebcfcf2.elf was found to be: Known bad.

Malicious Activity Summary

upx mirai botnet

Mirai

UPX packed file

Reads runtime system information

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2024-07-04 01:28

Signatures

UPX packed file

upx
Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-07-04 01:28

Reported

2024-07-04 01:30

Platform

debian9-armhf-20240611-en

Max time kernel

0s

Command Line

[/tmp/56b63851e1d606ba452fcf37e740e8a1d719ea80105aeaaf1e829f7baebcfcf2.elf]

Signatures

Mirai

botnet mirai

Reads runtime system information

Description Indicator Process Target
File opened for reading /proc/self/exe /tmp/56b63851e1d606ba452fcf37e740e8a1d719ea80105aeaaf1e829f7baebcfcf2.elf N/A

Processes

/tmp/56b63851e1d606ba452fcf37e740e8a1d719ea80105aeaaf1e829f7baebcfcf2.elf

[/tmp/56b63851e1d606ba452fcf37e740e8a1d719ea80105aeaaf1e829f7baebcfcf2.elf]

Network

N/A

Files

memory/655-1-0x00008000-0x0001f5cc-memory.dmp