Overview

overview

10

Static

static

5

0ac04010c8...39.elf

debian-9-mips

10

Analysis

  • max time kernel
    143s
  • max time network
    149s
  • platform
    debian-9_mips
  • resource
    debian9-mipsbe-20240418-en
  • resource tags

    arch:mipsimage:debian9-mipsbe-20240418-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
  • submitted
    16-11-2024 02:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0ac04010c8734fe5478b19f7d22d9b52c29b3f6872f7683cf42de24e94f42639.elf

  • Size

    36KB

  • MD5

    9296278248405f60ada64caca1ca95fa

  • SHA1

    9188640941dd539dbf33425d5bf41428aa2e414f

  • SHA256

    0ac04010c8734fe5478b19f7d22d9b52c29b3f6872f7683cf42de24e94f42639

  • SHA512

    b3437a16b7698ef2d6f9e4d12dde3bbb7b0f19da211625b30c0d4e68b8938f044a18955757185e26ef2b600ee68c77eb3cd7229be0a4535f5f51f052fdfaddae

  • SSDEEP

    768:M0sYkr9Ov0DCe18ayBA0kVaZLY8vzZJJxJgGlzDpbuR1JK:o9Y0V18a08Oz1VJuI

Score
10/10
mirailzrdbotnetdefense_evasion

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

    botnetmirai
  • Mirai family
    mirai
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    defense_evasion

Processes

  • /tmp/0ac04010c8734fe5478b19f7d22d9b52c29b3f6872f7683cf42de24e94f42639.elf
    /tmp/0ac04010c8734fe5478b19f7d22d9b52c29b3f6872f7683cf42de24e94f42639.elf
    1⤵
    • Modifies Watchdog functionality
    PID:727

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads