Overview

overview

10

Static

static

5

22b52a9957...1c.elf

debian-12-mipsel

10

Analysis

  • max time kernel
    150s
  • max time network
    10s
  • platform
    debian-12_mipsel
  • resource
    debian12-mipsel-20240418-en
  • resource tags

    arch:mipselimage:debian12-mipsel-20240418-enkernel:6.1.0-17-4kc-maltalocale:en-usos:debian-12-mipselsystem
  • submitted
    31-12-2024 02:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    22b52a99576aff4f197eefc1e10fa3dd1c61471746b9583b8af78859346b371c.elf

  • Size

    31KB

  • MD5

    1db9698113ad53eb359e179841e1faea

  • SHA1

    c2b12ddd770d9b27efb8cf4f01b97eae51458038

  • SHA256

    22b52a99576aff4f197eefc1e10fa3dd1c61471746b9583b8af78859346b371c

  • SHA512

    b4fe08e9a954eed07500a1aead7fab76fc145a229661a450fd2472b88ece7915933bf54fbad96308f21522fd63595945d263ddaa799fbc8018c0e002ca381433

  • SSDEEP

    768:C4yv/FASi9+lhPuoII3rLjWem2mPRgxj1TC0H/qWT:Cpbi9TyrLjVmlg3Tl/L

Score
10/10
mirailzrdbotnetdefense_evasiondiscovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

    botnetmirai
  • Mirai family
    mirai
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    defense_evasion
  • Writes file to system bin folder 2 IoCs
  • Reads runtime system information 17 IoCs

    Reads data from /proc virtual filesystem.

    discovery

Processes

  • /tmp/22b52a99576aff4f197eefc1e10fa3dd1c61471746b9583b8af78859346b371c.elf
    /tmp/22b52a99576aff4f197eefc1e10fa3dd1c61471746b9583b8af78859346b371c.elf
    1⤵
    • Modifies Watchdog functionality
    • Writes file to system bin folder
    • Reads runtime system information
    PID:744

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads