Analysis

  • max time kernel
    0s
  • max time network
    140s
  • platform
    debian-12_armhf
  • resource
    debian12-armhf-20240729-en
  • resource tags

    arch:armhf image:debian12-armhf-20240729-en kernel:6.1.0-17-armmp-lpae locale:en-us os:debian-12-armhf system
  • submitted
    14-01-2025 02:36

General

  • Target

    5a91c929a65d9ced9ef59a0df3908daabbaef8e55ed2c592973c36cd2ad65f3b.elf

  • Size

    39KB

  • MD5

    0841bcf64223c9bb5704a0ea84cd8dd7

  • SHA1

    6ba4437566273a7f64966434c00c0454a513cdc1

  • SHA256

    5a91c929a65d9ced9ef59a0df3908daabbaef8e55ed2c592973c36cd2ad65f3b

  • SHA512

    2d1f4e3dc0822b220c7a09d5eeb59b9e1fa67a31bcdcca7d722971fbc572c1ab8752a3e826613cc181441b72f304967408de68c0c652d740fa2cbc88ba40a28a

  • SSDEEP

    768:gWVVasPGxpBnekBYlk8i0fPkD+bk4nwx/RWUiQ5FfdYo09q3UELym:gWXasPGxplekBgTP654QwGzLLh

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Mirai family
  • Reads runtime system information (1 IoC)

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/5a91c929a65d9ced9ef59a0df3908daabbaef8e55ed2c592973c36cd2ad65f3b.elf
    • Reads runtime system information
    PID:705

Network

MITRE ATT&CK Matrix
