Overview

overview

10

Static

static

7

0ef8aa8c46...13.elf

debian-9-mipsel

10

Analysis

  • max time kernel
    149s
  • max time network
    7s
  • platform
    debian-9_mipsel
  • resource
    debian9-mipsel-20240418-en
  • resource tags

    arch:mipselimage:debian9-mipsel-20240418-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem
  • submitted
    23-07-2024 01:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0ef8aa8c462efec6c17773c1f993c48f7de7727c12fca850f6ad816710d02a13.elf

  • Size

    24KB

  • MD5

    e02c868509bd1c8cd079309bf37a8e78

  • SHA1

    8f92b0c53a6b41fc450651288fdcf1c680416684

  • SHA256

    0ef8aa8c462efec6c17773c1f993c48f7de7727c12fca850f6ad816710d02a13

  • SHA512

    2ba2a2cebb8a71db8ae40212ff7d7385d37c20c3a24a466e52d686f622ccb077e0bfda8b73af02dcf7442573af031440d06623670184753271b9b2f78fef490c

  • SSDEEP

    768:0HrQlS07dEv0UXqUhvQE+CXKXkChmcbdnoXkZqCWvc:YQlS07FUXqIYSXKXhm2dnNqU

Score
10/10
mirailzrdbotnet

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

    botnetmirai
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Writes file to system bin folder 1 TTPs 2 IoCs
  • Reads runtime system information 19 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/0ef8aa8c462efec6c17773c1f993c48f7de7727c12fca850f6ad816710d02a13.elf
    /tmp/0ef8aa8c462efec6c17773c1f993c48f7de7727c12fca850f6ad816710d02a13.elf
    1⤵
    • Modifies Watchdog functionality
    • Writes file to system bin folder
    • Reads runtime system information
    PID:710

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads