Analysis

  • max time kernel
    0s
  • max time network
    125s
  • platform
    debian-12_armhf
  • resource
    debian12-armhf-20240221-en
  • resource tags

    arch:armhf, image:debian12-armhf-20240221-en, kernel:6.1.0-17-armmp-lpae, locale:en-us, os:debian-12-armhf, system
  • submitted
    21-07-2024 18:26

General

  • Target

    aa48e14f23ec5c400faf4d8bff901afc.elf

  • Size

    16KB

  • MD5

    aa48e14f23ec5c400faf4d8bff901afc

  • SHA1

    a43bda954693f9d20ba8f24b8cb2dd0eda51a2c6

  • SHA256

    8c4e1351dada36ca8c9998af2af15dde27b414d92d34fd5a067fd72d66f1fe98

  • SHA512

    a36916e900f267f049315d5a97d7a558181bc91d7df21992fdcfe4ab4e3f74ca1606f2eeb0011c9d3f03f554bdb1375d281ecf072bea0fa1cfd47a666bb73584

  • SSDEEP

    384:JAapQde+jUnHcTfnsFiQeJ6qUpZh7qmdGUEpiax:eapubgcTkFV4gX9q3UELx

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

Processes

  • /tmp/aa48e14f23ec5c400faf4d8bff901afc.elf
      PID:704

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/704-1-0x00008000-0x00018578-memory.dmp