Analysis

  • max time kernel
    0s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240418-en
  • resource tags

    arch:armhf image:debian9-armhf-20240418-en kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system
  • submitted
    04/08/2024, 15:14

General

  • Target

    xd.arm6.elf

  • Size

    33KB

  • MD5

    50aabfa5270a2c96e9bb378474d9324a

  • SHA1

    0457f4ff3182b62721b6fd899e6f5fcd084e148e

  • SHA256

    2b11f652cd2a1e5505ea7468d57e10a5c52609ef556b11699a292c4fc87fa9b7

  • SHA512

    088be4de6663a21191bf3d6de3c91082eba91209f310d4b997e71391196aefa3699e28ba32b837929a26c9ae9f040b781437a0cd0e808f29be4fac78d6d47630

  • SSDEEP

    768:aYVgAxkU1RHz5poClGL1aMnXha7WBNoWhSxHji9q3UELC9:aYyAxdRH9zILLBBrodjXLW

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/xd.arm6.elf
    /tmp/xd.arm6.elf
    • Reads runtime system information
    PID:638

Network
