Analysis

  • max time kernel
    0s
  • max time network
    151s
  • platform
    debian-12_armhf
  • resource
    debian12-armhf-20240221-en
  • resource tags

    arch:armhf, image:debian12-armhf-20240221-en, kernel:6.1.0-17-armmp-lpae, locale:en-us, os:debian-12-armhf, system
  • submitted
    31/12/2024, 02:08

General

  • Target

    0865ed8bbba445e411ff0e67ff905dde05441ef60f5d064f5ee2b699f99a901c.elf

  • Size

    35KB

  • MD5

    38b971a97da83be98d6e908b3fd551f9

  • SHA1

    d6703c427af958bd63aba8e90e3ff72c6b4c5739

  • SHA256

    0865ed8bbba445e411ff0e67ff905dde05441ef60f5d064f5ee2b699f99a901c

  • SHA512

    6bda823929512667b458dd20016bf8a52b949b608b53a0ac80b6f37db87ffd056a423dfb5132afe75c17f44094e7f2f1bf49bff444d3d211299be6041fdea1ae

  • SSDEEP

    768:piSHDg4TG7PD0cJuImKsf6FI/fBuLVz9q3UELFC:pBHDgQYPtmdfb3BuLVyLc

Score
10/10

Malware Config

Extracted

Family

mirai

C2

e.xijinping.mov

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Mirai family
  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/0865ed8bbba445e411ff0e67ff905dde05441ef60f5d064f5ee2b699f99a901c.elf
    • Reads runtime system information
    PID:709

Network

MITRE ATT&CK Matrix
