Analysis
max time kernel: 0s
max time network: 159s
platform: debian-12_armhf
resource: debian12-armhf-20240221-en
resource tags: arch:armhf, image:debian12-armhf-20240221-en, kernel:6.1.0-17-armmp-lpae, locale:en-us, os:debian-12-armhf, system
submitted: 01-07-2024 10:40
General
Target: 103.162.20.166-sora.arm6-2024-06-28T114037.elf
Size: 50KB
MD5: 1a27803ed290be29ffbea84f2e9bbfd7
SHA1: 72c09fdd01665c7f7cb8b3833d6394380b14d7b4
SHA256: 808ecbe5cd09bbfba2c0717ea369bbbdbd24aff17e5633c9664e85acbb991805
SHA512: 21e29f37d364c952d7314f7dea8b4b39cf6977c7c49dd79fc66e1871abd70c111af7f7859b2701ab69df5d9fa030efd4f531e3c693a15ee51ea5551d9bd72bd0
SSDEEP: 1536:JCoqsGR47SFYe8iqJNlQGR5LtvLuc7ckMr+:Qoqs28nFiSNlQGR5LtvLH7cV+
Malware Config
Extracted
Family: mirai
Botnet: SORA
Signatures
Reads runtime system information (1 IoCs)
Reads data from /proc virtual filesystem.
Processes: 103.162.20.166-sora.arm6-2024-06-28T114037.elf
description: File opened for reading
ioc: /proc/self/exe
process: 103.162.20.166-sora.arm6-2024-06-28T114037.elf
Downloads
memory/705-1-0x00008000-0x00029730-memory.dmp