Overview

overview

10

Static

static

5

02062dff27...2e.elf

ubuntu-22.04-amd64

10

Analysis

  • max time kernel
    149s
  • max time network
    131s
  • platform
    ubuntu-22.04_amd64
  • resource
    ubuntu2204-amd64-20240611-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2204-amd64-20240611-enkernel:5.15.0-105-genericlocale:en-usos:ubuntu-22.04-amd64system
  • submitted
    26-01-2025 03:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    02062dff2765a4d772fa31daea8de2db65ea363cebf6662fda7426fe56c93a2e.elf

  • Size

    20KB

  • MD5

    371a8089f0d9b997dede00d908f2d729

  • SHA1

    4dc06821ff7cec56b2bc31f788084bc1e12af2d7

  • SHA256

    02062dff2765a4d772fa31daea8de2db65ea363cebf6662fda7426fe56c93a2e

  • SHA512

    ca1706b263af403bad3872fe29977b6c78725e707eaa0fb2d4f613bfb0f7dcf75a3196a444f49ed6eeac8120df8132b073b94ee2b0d6b6f77055d6200f65d754

  • SSDEEP

    384:M0sLpj8s/qPui8uZxoIA57RWQjJiEVi+ZkXaHhib+502F2vwA9dWuMW21bAK1oTm:k98o08kxofBE+ZkXaEbp2F2TWul0c5Qv

Score
10/10
mirailzrdbotnetdefense_evasiondiscovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

    botnetmirai
  • Mirai family
    mirai
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    defense_evasion
  • Enumerates running processes

    Discovers information about currently running processes on the system

  • Writes file to system bin folder 2 IoCs
  • Reads runtime system information 64 IoCs

    Reads data from /proc virtual filesystem.

    discovery

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads