Analysis Overview
Score: 10/10
SHA256: 8d6671293b0b9058279182d882b55607dcf3349f8770f5e84c088552212a1140
Threat Level: Known bad
The file dlr.arm7.elf was found to be: Known bad.
Malicious Activity Summary
Mirai
Mirai family
Writes file to tmp directory
MITRE ATT&CK
N/A
Analysis: static1
Detonation Overview
Reported: 2024-11-09 13:40
Signatures
N/A
Analysis: behavioral1
Detonation Overview
Submitted: 2024-11-09 13:40
Reported: 2024-11-09 13:43
Platform: debian12-armhf-20240221-en
Max time kernel: 3s
Max time network: 179s
Command Line: [/tmp/dlr.arm7.elf]
Signatures
Mirai
Mirai family
Writes file to tmp directory
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| File opened for modification | /tmp/byte | /tmp/dlr.arm7.elf | N/A |
Processes
/tmp/dlr.arm7.elf
[/tmp/dlr.arm7.elf]
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| US | 154.216.16.127:80 | 154.216.16.127 | tcp |
| US | 1.1.1.1:53 | debian12-armhf-20240221-en-4 | udp |
| US | 1.1.1.1:53 | debian12-armhf-20240221-en-4 | udp |
| US | 1.1.1.1:53 | debian12-armhf-20240221-en-4 | udp |
| US | 1.1.1.1:53 | debian12-armhf-20240221-en-4 | udp |
Files
/tmp/byte
| MD5 | b3f80cf126fef93601c6710fc02855b4 |
| SHA1 | e36c00033f3c977f7bd8a1dd740885c27ba9581f |
| SHA256 | 794fa0280e56a929306cc43b10b1c9f191265868a8fbc3a1ed3f5a905fb65ceb |
| SHA512 | e3f050f2bed368cd0c98e3cfefcdf77bc3975959cd74ed507e835c7b2dffc72a2ea6ffae0af95d5bbfaa3314f545125437ac8ccfd697facbbbeba1d73d60baeb |