Analysis

  • max time kernel
    3s
  • max time network
    6s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240729-en
  • resource tags

    arch:armhf image:debian9-armhf-20240729-en kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system
  • submitted
    01-11-2024 13:59

General

  • Target

    dlr.arm7.elf

  • Size

    1KB

  • MD5

    25a86731d1a9438d58651943ebbe60df

  • SHA1

    5e373c976aeb3296accaa191bc635d86fb0c254e

  • SHA256

    199bbc0daaeae9fc3998feae15204f991cf95884b8882e941234b1722c222780

  • SHA512

    20ae9e11cc707021cfc16024d7066f1b0945a24f353abb8aed57caeba18c876d4e9bd2a8a999b1f652d76f00f1d84e033b656bdb5146b8cc501041192c0c0c1c

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

SORA

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Mirai family
  • Writes file to tmp directory (1 IoC)

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/dlr.arm7.elf
    • Writes file to tmp directory
    PID:645

Network

MITRE ATT&CK Matrix

Downloads

  • /tmp/byte

    Filesize

    158KB

    MD5

    4eb42b9c0324c52aa1abeca8ea1f79a8

    SHA1

    00ec248b8264e7816f878ed08eade699e17d7f23

    SHA256

    5b7be271c2a864158115154710147cc12077e4d87f8a0701534e27ad32b2abde

    SHA512

    efeef18bb311d6c5b9dc656de611deb09ab61c5ac4b2ea79a2a77d0aa14daca9a83c5502f1bceb529a2f362573086eb9d81ce9f526708419ff5fd40eaf647086