Analysis

  • max time kernel
    149s
  • max time network
    1s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240418-en
  • resource tags

    arch:armhf
    image:debian9-armhf-20240418-en
    kernel:4.9.0-13-armmp-lpae
    locale:en-us
    os:debian-9-armhf
    system
  • submitted
    09-01-2025 02:18

General

  • Target

    454fef5155446e10661777d727116339071d6f48c69c83c071e72fe793f2b722.elf

  • Size

    45KB

  • MD5

    38d4de9f049a7e3f9c87a8b83b2d9b4c

  • SHA1

    67e447e805c8ccecb50b85a3d953d66b37cb7c6e

  • SHA256

    454fef5155446e10661777d727116339071d6f48c69c83c071e72fe793f2b722

  • SHA512

    81aa18aeb11082e8ff3fa45ad929517959ade0df6fe09738d35d8e2582ddf1a30bb808b22040e6e2186cd14dea6f66e74b530ec4f60420bb3446deef16149ef3

  • SSDEEP

    768:g/TYCoIxdEk+AxoTZAZHFeq8b3aw9q3UELbUXfi6nVMQHI4vcGpvo:gECFd+A6YHAxa5LRQZo
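
Before handing a sample to a sandbox it is worth confirming two things the header above implies: that the file on disk really is the one the digests describe, and that it is a 32-bit little-endian ARM ELF that the debian-9_armhf VM can execute natively (a MIPS or x86 build of the same family would simply fail to start and produce an empty report). The script below is an added example, not part of the report or of the sandbox; because the sample itself is not included here it runs on a constructed 52-byte ELF header, and the hash comparison against the reported values is therefore expected to fail for that stand-in.

```python
#!/usr/bin/env python3
"""Static pre-checks for a sandbox submission: digests plus ELF header triage.

Added example. The report's sample is not bundled, so the demo input is a
constructed minimal ELF32 header for a little-endian ARM executable.
"""
import hashlib
import struct

# Constants from the ELF specification (e_ident indices, e_type, e_machine).
ELF_MAGIC = b"\x7fELF"
ELFCLASS = {1: "ELF32", 2: "ELF64"}
ELFDATA = {1: "little", 2: "big"}
ELFTYPE = {1: "REL", 2: "EXEC", 3: "DYN", 4: "CORE"}
EM_NAMES = {3: "x86", 8: "MIPS", 40: "ARM", 62: "x86-64", 183: "AArch64"}
EF_ARM_ABI_FLOAT_HARD = 0x400   # e_flags bit that marks the hard-float ("hf") ABI

# Digests printed in the report header, used to confirm we hold the same file.
REPORTED = {
    "md5": "38d4de9f049a7e3f9c87a8b83b2d9b4c",
    "sha1": "67e447e805c8ccecb50b85a3d953d66b37cb7c6e",
    "sha256": "454fef5155446e10661777d727116339071d6f48c69c83c071e72fe793f2b722",
}


def file_hashes(data: bytes) -> dict:
    """Return the same digests the report lists (ssdeep excluded)."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def identify_elf(data: bytes) -> dict:
    """Parse e_ident, e_type, e_machine (and, for ARM, the float ABI flag).

    Raises ValueError for anything that is not an ELF header, so a renamed
    or truncated download is caught before it is submitted.
    """
    if len(data) < 20 or data[:4] != ELF_MAGIC:
        raise ValueError("not an ELF file")
    ei_class, ei_data = data[4], data[5]
    if ei_class not in ELFCLASS or ei_data not in ELFDATA:
        raise ValueError("bad EI_CLASS/EI_DATA")
    endian = "<" if ei_data == 1 else ">"
    # e_type and e_machine are the two u16 fields right after the 16-byte e_ident.
    e_type, e_machine = struct.unpack(endian + "HH", data[16:20])
    hard_float = None
    if ei_class == 1 and e_machine == 40 and len(data) >= 40:
        # ELF32 e_flags lives at offset 36; the hard-float bit only means something on ARM.
        (e_flags,) = struct.unpack(endian + "I", data[36:40])
        hard_float = bool(e_flags & EF_ARM_ABI_FLOAT_HARD)
    return {
        "class": ELFCLASS[ei_class],
        "endian": ELFDATA[ei_data],
        "type": ELFTYPE.get(e_type, f"unknown({e_type})"),
        "machine": EM_NAMES.get(e_machine, f"unknown({e_machine})"),
        "hard_float": hard_float,
    }


def suits_armhf_sandbox(data: bytes) -> bool:
    """True if the binary can run natively on the report's debian-9_armhf VM.

    Statically linked soft-float ARM EABI builds (the common Mirai case) run
    on an armhf kernel too, so hard_float is reported but not required here.
    """
    info = identify_elf(data)
    return (info["class"], info["endian"], info["machine"]) == ("ELF32", "little", "ARM")


def matches_report(data: bytes, reported: dict = REPORTED) -> bool:
    """Compare every digest the report lists against the file we actually have."""
    ours = file_hashes(data)
    return all(ours[name] == value for name, value in reported.items())


# Constructed stand-in input: ELF32, little-endian, EXEC, e_machine 40 (ARM),
# e_flags EABI v5 + hard-float. It is NOT the sample from the report.
DEMO_ARM_HEADER = (
    ELF_MAGIC + bytes([1, 1, 1, 0]) + b"\x00" * 8
    + struct.pack("<HHIIIIIHHHHHH",
                  2, 40, 1, 0x10000, 52, 0, 0x05000400, 52, 32, 2, 40, 0, 0)
)

if __name__ == "__main__":
    print(identify_elf(DEMO_ARM_HEADER))
    print("runs on armhf sandbox:", suits_armhf_sandbox(DEMO_ARM_HEADER))
    print("digests match report:", matches_report(DEMO_ARM_HEADER))
```

Run it against the real file by replacing `DEMO_ARM_HEADER` with `open(path, "rb").read()`; `matches_report` should then return True and `identify_elf` should report ELF32 / little / ARM for this submission.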

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

  • Mirai

    Mirai is a prevalent Linux botnet family that infects exposed, typically embedded, network devices such as routers, IP cameras and DVRs.

  • Mirai family
  • Modifies Watchdog functionality (1 TTP, 2 IoCs)

    Malware like Mirai disables the hardware watchdog so the device is not automatically rebooted (and the bot cleared from memory) if the bot wedges the system. In the leaked Mirai source this is an ioctl(WDIOC_SETOPTIONS, WDIOS_DISABLECARD) on /dev/watchdog or /dev/misc/watchdog.

  • Enumerates running processes

    Discovers information about currently running processes on the system

  • Writes file to system bin folder (2 IoCs)
  • Reads runtime system information (32 IoCs)

    Reads data from the /proc virtual filesystem (process and system enumeration).
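
The watchdog and /proc signatures above are behavioural, so they can be re-checked outside the sandbox from an `strace -f -o` log of the sample, or on a live device by looking at which processes hold the watchdog open. The script below is an added example, not the sandbox's own detection logic. The trace lines in it are constructed for the demo, not taken from this report; the ioctl number is derived from the asm-generic `_IOC` layout that ARM and x86 use (MIPS, PowerPC and SPARC encode ioctl numbers differently, so the constant differs there), and the live-host check only sees other users' file descriptors when run as root.

```python
#!/usr/bin/env python3
"""Confirm Mirai-style watchdog tampering from an strace log or a live /proc.

Added example. Mirai opens /dev/watchdog (or /dev/misc/watchdog) and issues
ioctl(WDIOC_SETOPTIONS, WDIOS_DISABLECARD) so the hardware watchdog will not
reboot the device when the bot hangs it. The sample trace is constructed.
"""
import os
import re

WATCHDOG_DEVS = ("/dev/watchdog", "/dev/watchdog0", "/dev/misc/watchdog")

# asm-generic/ioctl.h layout: dir:2 | size:14 | type:8 | nr:8 (used on ARM and x86).
_IOC_NRBITS, _IOC_TYPEBITS, _IOC_SIZEBITS = 8, 8, 14
_IOC_READ = 2


def _ior(typ: str, nr: int, size: int) -> int:
    """Python equivalent of the kernel's _IOR() macro."""
    return ((_IOC_READ << (_IOC_NRBITS + _IOC_TYPEBITS + _IOC_SIZEBITS))
            | (size << (_IOC_NRBITS + _IOC_TYPEBITS))
            | (ord(typ) << _IOC_NRBITS) | nr)


WDIOC_SETOPTIONS = _ior("W", 4, 4)   # 0x80045704, the literal hard-coded in leaked Mirai
WDIOS_DISABLECARD = 0x0001           # option bit that turns the watchdog off

# strace -f -o output: "<pid>   syscall(...) = ret". Handles old open() and openat().
_OPEN_RE = re.compile(
    r'^(?P<pid>\d+)\s+(?:open|openat)\((?:AT_FDCWD, )?"(?P<path>[^"]+)".*\)\s*=\s*(?P<fd>\d+)')
_IOCTL_RE = re.compile(
    r'^(?P<pid>\d+)\s+ioctl\((?P<fd>\d+), (?P<req>0x[0-9a-fA-F]+|WDIOC_SETOPTIONS), (?P<arg>[^)]*)\)')
_CLOSE_RE = re.compile(r'^(?P<pid>\d+)\s+close\((?P<fd>\d+)\)')


def find_watchdog_tamper(trace_lines):
    """Walk an strace log and return (pid, device, note) for each watchdog WDIOC_SETOPTIONS.

    File descriptors are tracked per pid so an ioctl on a reused fd number that
    now points at something else (e.g. /proc/<pid>/stat) is not misreported.
    """
    fd_table = {}   # (pid, fd) -> path currently behind that descriptor
    hits = []
    for line in trace_lines:
        m = _OPEN_RE.match(line)
        if m:
            fd_table[(m["pid"], m["fd"])] = m["path"]
            continue
        m = _CLOSE_RE.match(line)
        if m:
            fd_table.pop((m["pid"], m["fd"]), None)
            continue
        m = _IOCTL_RE.match(line)
        if not m:
            continue
        path = fd_table.get((m["pid"], m["fd"]))
        if path not in WATCHDOG_DEVS:
            continue
        req = m["req"]
        if req != "WDIOC_SETOPTIONS" and int(req, 16) != WDIOC_SETOPTIONS:
            continue
        # strace decodes the int argument as "[1]" when it can; otherwise only
        # the request is known, which is still worth flagging for an untrusted process.
        arg = m["arg"].strip("[] ")
        disabled = arg.isdigit() and bool(int(arg) & WDIOS_DISABLECARD)
        note = "WDIOS_DISABLECARD" if disabled else "WDIOC_SETOPTIONS (arg undecoded)"
        hits.append((int(m["pid"]), path, note))
    return hits


def procs_holding_watchdog(proc_root="/proc"):
    """Live-host check: PIDs with a watchdog device open, from /proc/<pid>/fd symlinks.

    A legitimate watchdog daemon holds the device too, so treat this as a lead,
    not a verdict; the interesting case is an unexpected binary under /tmp.
    """
    holders = []
    for pid in os.listdir(proc_root):
        if not pid.isdigit():
            continue
        fd_dir = os.path.join(proc_root, pid, "fd")
        try:
            fds = os.listdir(fd_dir)
        except OSError:          # not our process and not root, or it already exited
            continue
        for fd in fds:
            try:
                target = os.readlink(os.path.join(fd_dir, fd))
            except OSError:
                continue
            if target in WATCHDOG_DEVS:
                holders.append((int(pid), target))
    return holders


# Constructed trace (not from the report): the watchdog ioctl, then the same fd
# number reused for a /proc read that must not be flagged.
SAMPLE_TRACE = """\
637   openat(AT_FDCWD, "/dev/watchdog", O_RDWR) = 3
637   ioctl(3, 0x80045704, [1]) = 0
637   close(3) = 0
637   openat(AT_FDCWD, "/proc/637/stat", O_RDONLY) = 3
637   ioctl(3, 0x80045704, [1]) = -1 ENOTTY (Inappropriate ioctl for device)
637   close(3) = 0
""".splitlines()

if __name__ == "__main__":
    print("WDIOC_SETOPTIONS = 0x%08x" % WDIOC_SETOPTIONS)
    print("trace hits:", find_watchdog_tamper(SAMPLE_TRACE))
    print("live holders:", procs_holding_watchdog())
```

Feed a real log with `find_watchdog_tamper(open("trace.log").read().splitlines())`; a single hit tagged WDIOS_DISABLECARD from the sample's PID is exactly the behaviour the "Modifies Watchdog functionality" signature describes.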

Processes

  • /tmp/454fef5155446e10661777d727116339071d6f48c69c83c071e72fe793f2b722.elf
    Command line: /tmp/454fef5155446e10661777d727116339071d6f48c69c83c071e72fe793f2b722.elf
    • Modifies Watchdog functionality
    • Writes file to system bin folder
    • Reads runtime system information
    PID: 637

Network

MITRE ATT&CK Enterprise v15
