Analysis

  • max time kernel
    0s
  • max time network
    163s
  • platform
    debian-12_armhf
  • resource
    debian12-armhf-20240221-en
  • resource tags

    arch:armhf image:debian12-armhf-20240221-en kernel:6.1.0-17-armmp-lpae locale:en-us os:debian-12-armhf system
  • submitted
    02/12/2024, 02:58

General

  • Target

    c3f949e6c0175910c37cea9231006b137fae9321130a67cd5fbdbe6c579b6fda.elf

  • Size

    26KB

  • MD5

    3326d694e21a47e52e9991568ad4895b

  • SHA1

    68e2249a102c5c2e478e94cc85d37fd66085aa69

  • SHA256

    c3f949e6c0175910c37cea9231006b137fae9321130a67cd5fbdbe6c579b6fda

  • SHA512

    e847093e4ff193efabfb083a42f57cb05b986427163ff1e34f915c2011f3cc26a4a3cd297af05fbf5d83753e6e983ddd6ead30ae3c7b60523e99484ea284eec9

  • SSDEEP

    768:4eFzIGBncjvZcMInTxiXjBfceCm9q3UELuL:3AvJuABz8Li

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Mirai family
  • Reads runtime system information (1 IoC)

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/c3f949e6c0175910c37cea9231006b137fae9321130a67cd5fbdbe6c579b6fda.elf
    • Reads runtime system information
    PID:709
