Analysis

  • max time kernel
    0s
  • max time network
    138s
  • platform
    debian-12_armhf
  • resource
    debian12-armhf-20240221-en
  • resource tags

    arch:armhf
    image:debian12-armhf-20240221-en
    kernel:6.1.0-17-armmp-lpae
    locale:en-us
    os:debian-12-armhf
    system
  • submitted
    03/08/2024, 02:22

General

  • Target

    dfbdb8129ede4e79e15deb0fe124272305e0c67bdeb736697a323d12f3682d3d.elf

  • Size

    48KB

  • MD5

    3f704eb0ba23925e3f00f347d095da61

  • SHA1

    83b2a7cadee2414b22d9be0725502c4121905ab6

  • SHA256

    dfbdb8129ede4e79e15deb0fe124272305e0c67bdeb736697a323d12f3682d3d

  • SHA512

    1e69d608629f7137e6e4580a85c85f79db5fbe50b4d60ed706888af75a5ba466db9e1affd3f982603abf0609bc5a9495a4adfa4fcead4e134d30c6948e58d40b

  • SSDEEP

    768:l/YOE7nQ1jjdzm0IV04+Rr2EiPB6POdU/8u3i15MuaHKN7isxh3/q3UI1:JYORqVErliAPOdU/ry5fVlisxh3Q1

Score
10/10

Malware Config

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/dfbdb8129ede4e79e15deb0fe124272305e0c67bdeb736697a323d12f3682d3d.elf
    • Reads runtime system information
    PID:713

Network
