Analysis

  • max time kernel
    0s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240611-en
  • resource tags

    arch:armhf
    image:debian9-armhf-20240611-en
    kernel:4.9.0-13-armmp-lpae
    locale:en-us
    os:debian-9-armhf
    system
  • submitted
    09-11-2024 03:46

General

  • Target

    d9f1f5b96f2c4590c7bf881496dc8fe1f4e0575c93b746ba36064e9478bcb85c.elf

  • Size

    20KB

  • MD5

    438de24d69bd4b318a373e9a3a48f914

  • SHA1

    b3cfd80f074e83771a95d1869fda29cfc6e9e3fa

  • SHA256

    d9f1f5b96f2c4590c7bf881496dc8fe1f4e0575c93b746ba36064e9478bcb85c

  • SHA512

    58fb09e0364ffe7fa44fd6f8155d24f726941453bfb82b0de9698085eab005a4388bbcd0c57150adc037f5e2ab3e38f5ef902af2196e5eeb82e1d8212304c61f

  • SSDEEP

    384:k93CFDMsFGg7EMUTmli2KvZw93KmQxPitrsnIns0t2dfNH8rEORHhymdGUop5htm:QCyEPgoKRwZGx04nIns0t2EEORHs3Uoe

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Mirai family

Processes

  • /tmp/d9f1f5b96f2c4590c7bf881496dc8fe1f4e0575c93b746ba36064e9478bcb85c.elf
      PID:645

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/645-1-0x00008000-0x0001a904-memory.dmp