Analysis
max time kernel
0s
platform
debian-9_armhf
resource
debian9-armhf-20240611-en
resource tags
arch:armhf image:debian9-armhf-20240611-en kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system
submitted
04-08-2024 01:20
General
Target
531387eb126a3f8e023b71c622fc181b9580e1b4937d8c64f6ac439874e0610d.elf
Size
32KB
MD5
cd170d8f1e771545d028c4a047408f41
SHA1
3d674f32addef314d2ac10da1f26f13276138a21
SHA256
531387eb126a3f8e023b71c622fc181b9580e1b4937d8c64f6ac439874e0610d
SHA512
31e68d7c2262f564f0f3e690d6237ff29765d708c39944abbf0385b0cc155dfa073973b90a5b91ad8a0cc23767e5ca7f3d2a53c6312de73822e1a542a29bd01e
SSDEEP
768:zljOHlOTcLs7Z8FviuyIENCHBhroJ4qDkGZ1vPtXE9q3UEL52:zAFOqquyqBhEiQLFXtLU
Malware Config
Extracted
Family
mirai
Botnet
SORA
Signatures
Reads runtime system information 1 IoCs
Reads data from /proc virtual filesystem.
Processes:
531387eb126a3f8e023b71c622fc181b9580e1b4937d8c64f6ac439874e0610d.elf
description
File opened for reading
ioc
/proc/self/exe
process
531387eb126a3f8e023b71c622fc181b9580e1b4937d8c64f6ac439874e0610d.elf