Analysis

  • max time kernel
    0s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240418-en
  • resource tags

    arch:armhf, image:debian9-armhf-20240418-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
  • submitted
    18-10-2024 01:52

General

  • Target

    2a1b03ac26cc72118fb419de4bee3352adf536ee4d5472e8cee14150ca53b8ef.elf

  • Size

    30KB

  • MD5

    d8893525da7152c787dcc7d6309a61ba

  • SHA1

    87fa7fb894caaa77a9caa7bca6a5fd3fbe09f7cd

  • SHA256

    2a1b03ac26cc72118fb419de4bee3352adf536ee4d5472e8cee14150ca53b8ef

  • SHA512

    8fcf808c627c080350adcf005df853a6c1f3fb3e3b2b5d2745a972dcc4064ff731f7cebbbd7d4e8c9ade91727f587356f844b783fa6c90a2191b80a38ca1f6e6

  • SSDEEP

    768:W+rZ28Xesr+ujmN6QVFA5kjIS8Vu61z/1c/cq3UoN:WspXesrdmN/AOISgXl/1c/cC

Malware Config

Extracted

Family

mirai

Botnet

UNSTABLE

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Reads runtime system information (1 IoC)

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/2a1b03ac26cc72118fb419de4bee3352adf536ee4d5472e8cee14150ca53b8ef.elf
    • Reads runtime system information
    PID:652

Network

MITRE ATT&CK Matrix

Downloads

  • memory/652-1-0x00008000-0x00022808-memory.dmp