Overview

overview

10

Static

static

5

f4ce977055...3f.elf

ubuntu-22.04-amd64

10

Analysis

  • max time kernel
    149s
  • max time network
    128s
  • platform
    ubuntu-22.04_amd64
  • resource
    ubuntu2204-amd64-20240611-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2204-amd64-20240611-enkernel:5.15.0-105-genericlocale:en-usos:ubuntu-22.04-amd64system
  • submitted
    30-01-2025 03:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f4ce9770558764339cce8d8f8d334c2a36849a9d7b773b5aa8583cdfdf9fdf3f.elf

  • Size

    21KB

  • MD5

    2be0ffbd739e3310964dfd237b27a5cb

  • SHA1

    a9fc0a34c6d673215c92b2d784b222a34a365cfe

  • SHA256

    f4ce9770558764339cce8d8f8d334c2a36849a9d7b773b5aa8583cdfdf9fdf3f

  • SHA512

    f7aaf9c3dbe047b7fbfd5bcb90d8c38184da7798d0f8b0f9b1fb97c28e606cdada5a7d7da906748c32af4a61fdd5291111ac4d5ff677bd01618b59bad421cb3c

  • SSDEEP

    384:MGbrJRQKbj8s/qPGajVhXLGj9OP6uX3mK7tSAv/Ojgv2h/j8e80Rceq5+7Sybh:Dhn8oDoVlGjcCO3VRHmjhxBq+Bbh

Score
10/10
mirailzrdbotnetdefense_evasiondiscovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

    botnetmirai
  • Mirai family
    mirai
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    defense_evasion
  • Enumerates running processes

    Discovers information about currently running processes on the system

  • Writes file to system bin folder 2 IoCs
  • Reads runtime system information 64 IoCs

    Reads data from /proc virtual filesystem.

    discovery

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads