Analysis

  • max time kernel
    0s
  • max time network
    144s
  • platform
    debian-12_armhf
  • resource
    debian12-armhf-20240729-en
  • resource tags

    arch:armhfimage:debian12-armhf-20240729-enkernel:6.1.0-17-armmp-lpaelocale:en-usos:debian-12-armhfsystem
  • submitted
    21-11-2024 08:52

General

  • Target

    f5f7a40cb8243764ee3917edfc9249eaf84481b5dcf1c1ad6319033485cb8e09.elf

  • Size

    19KB

  • MD5

    73474214f2ac639c6b9ed1d69ace9451

  • SHA1

    c2b28ba20065fe934f9051e4b6bf9d0a2fa161b5

  • SHA256

    f5f7a40cb8243764ee3917edfc9249eaf84481b5dcf1c1ad6319033485cb8e09

  • SHA512

    c859980cc679b3052587f35c5b889994461922905b8c3027eabf30f17f4176393ad804c93c130301c8f8e372961fd8fd7ae940937168f8d9f9482e63468133a0

  • SSDEEP

    384:23me3Vg19bm2MxowbW6kn0HG0sdXIC62vnL6My5fEHjOh7qmdGUEpiaMy/k:o3Vg19bm2Wo9aHG0uFLU6y9q3UEL//k

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Mirai family

Processes

  • /tmp/f5f7a40cb8243764ee3917edfc9249eaf84481b5dcf1c1ad6319033485cb8e09.elf
    /tmp/f5f7a40cb8243764ee3917edfc9249eaf84481b5dcf1c1ad6319033485cb8e09.elf
    1⤵
      PID:704

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/704-1-0x00008000-0x0001a6f0-memory.dmp