Analysis

  • max time kernel
    0s
  • max time network
    162s
  • platform
    debian-12_armhf
  • resource
    debian12-armhf-20240221-en
  • resource tags

    arch:armhf image:debian12-armhf-20240221-en kernel:6.1.0-17-armmp-lpae locale:en-us os:debian-12-armhf system
  • submitted
    08/12/2024, 02:42

General

  • Target

    c3e8d371ecdcb75339c6c41001031647167ff10bc36ff41f5d6e1c65b436277a.elf

  • Size

    62KB

  • MD5

    f2c74dd669c54022782a4c6f90136c4c

  • SHA1

    f0512b363e4ba7d4a3c6eb9459445093ee3ddbc6

  • SHA256

    c3e8d371ecdcb75339c6c41001031647167ff10bc36ff41f5d6e1c65b436277a

  • SHA512

    b4f2273ef6f848f7accc5f4424e5ba037f1051d9429bb05d1bc14d8bb916ea9d9ef1b86ffeb1d5a77e495e5287502030559b56fa9d4e7ae567a1310a2128985c

  • SSDEEP

    1536:YlZo7WIxEiFvPEEBFQfBtCCTYEQ1RxemjFjSLEnRbD+aQrt6:R7lxUM4BtYEQPx7j8LEnRm1Y

Malware Config

Extracted

Family

mirai

Botnet

KURA

C2

huyhoang.ddns.net

botnet.nsohunter.com

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Mirai family
  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/c3e8d371ecdcb75339c6c41001031647167ff10bc36ff41f5d6e1c65b436277a.elf
    • Reads runtime system information
    PID:709
