Analysis

  • max time kernel
    0s
  • platform
    debian-9_mips
  • resource
    debian9-mipsbe-20240611-en
  • resource tags

    arch:mips image:debian9-mipsbe-20240611-en kernel:4.9.0-13-4kc-malta locale:en-us os:debian-9-mips system
  • submitted
    09-08-2024 15:22

General

  • Target

    SecuriteInfo.com.Linux.Siggen.9999.27101.20869.elf

  • Size

    46KB

  • MD5

    cbd1cd5502a4b0da1c81862c1dc38e4a

  • SHA1

    7aecdc978853ab4aa0ab0a31ebb7e126396a8a03

  • SHA256

    365128bd9c196800b76ea9414a05208ebcaf867ffd2bfeb8679885f2eb70c15e

  • SHA512

    ae8554edfc67f2c17da8c3aae39a338ded68c6294c42f002328fb850d763cb8d790f2392a1d799cdb2cf1bf1d0f22b4034180f4e18abbf42055e03189a3335fb

  • SSDEEP

    768:k6DPT48oP3IHfn5DW3BUcXu1OX/KEMoiMUhA3XnrSPrbC7fYKGfFYKcbdJgGlzDy:kWog/5DW3BUcXuAX/KEMoiMUhA3uiQZT

Score
10/10

Malware Config

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/SecuriteInfo.com.Linux.Siggen.9999.27101.20869.elf
    • Reads runtime system information
    PID:709

Network

MITRE ATT&CK Matrix

Downloads

  • memory/709-1-0x00400000-0x00469848-memory.dmp