Overview

overview

10

Static

static

7

103.162.20...37.elf

debian-12-armhf

10

Analysis

  • max time kernel
    0s
  • max time network
    159s
  • platform
    debian-12_armhf
  • resource
    debian12-armhf-20240221-en
  • resource tags

    arch:armhfimage:debian12-armhf-20240221-enkernel:6.1.0-17-armmp-lpaelocale:en-usos:debian-12-armhfsystem
  • submitted
    01-07-2024 10:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    103.162.20.166-sora.arm6-2024-06-28T114037.elf

  • Size

    50KB

  • MD5

    1a27803ed290be29ffbea84f2e9bbfd7

  • SHA1

    72c09fdd01665c7f7cb8b3833d6394380b14d7b4

  • SHA256

    808ecbe5cd09bbfba2c0717ea369bbbdbd24aff17e5633c9664e85acbb991805

  • SHA512

    21e29f37d364c952d7314f7dea8b4b39cf6977c7c49dd79fc66e1871abd70c111af7f7859b2701ab69df5d9fa030efd4f531e3c693a15ee51ea5551d9bd72bd0

  • SSDEEP

    1536:JCoqsGR47SFYe8iqJNlQGR5LtvLuc7ckMr+:Qoqs28nFiSNlQGR5LtvLH7cV+

Score
10/10
miraisorabotnet

Malware Config

Extracted

Family

mirai

Botnet

SORA

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

    botnetmirai
  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/103.162.20.166-sora.arm6-2024-06-28T114037.elf
    /tmp/103.162.20.166-sora.arm6-2024-06-28T114037.elf
    1⤵
    • Reads runtime system information
    PID:705

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/705-1-0x00008000-0x00029730-memory.dmp
    Download