Source: x86.elf |
Virustotal: Detection: 36% |
Source: x86.elf |
ReversingLabs: Detection: 47% |
Source: x86.elf |
String: /cmdlinewgettftpchmodcurl/root//tmp//dev//bin//etc//boot//usr//mnt//var//sbin//snap/ |
Source: /tmp/x86.elf (PID: 6248) |
Socket: 127.0.0.1::33337 |
Source: x86.elf, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_1cb033f3 Author: unknown |
Source: 6248.1.0000000000400000.000000000040d000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_1cb033f3 Author: unknown |
Source: ELF static info symbol of initial sample |
.symtab present: no |
Source: x86.elf, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_1cb033f3 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 49201ab37ff0b5cdfa9b0b34b6faa170bd25f04df51c24b0b558b7534fecc358, id = 1cb033f3-68c1-4fe5-9cd1-b5d066c1d86e, last_modified = 2021-09-16 |
Source: 6248.1.0000000000400000.000000000040d000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_1cb033f3 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 49201ab37ff0b5cdfa9b0b34b6faa170bd25f04df51c24b0b558b7534fecc358, id = 1cb033f3-68c1-4fe5-9cd1-b5d066c1d86e, last_modified = 2021-09-16 |
Source: classification engine |
Classification label: mal68.linELF@0/0@0/0 |
Source: Initial sample |
User agent string found: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36 |
Source: Initial sample |
User agent string found: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 |
Source: Initial sample |
User agent string found: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36 |
Source: Initial sample |
User agent string found: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 |
Source: Initial sample |
User agent string found: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7 |