mirai | 0ad9d76e97d31f30543b5c811f7facd746905fc8cd646e506d3a7e575bca39f7 | Triage

Analysis

max time kernel
2s
max time network
126s
platform
linux_armhf
resource
debian9-armhf-en-20211208
resource tags

arch:armhfimage:debian9-armhf-en-20211208kernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
26-04-2023 07:01

Sharing

Report Analysis Logs

General

Target

0aea222976bbc1eefc8b8e98a3f1f234.elf
Size

52KB
MD5

0aea222976bbc1eefc8b8e98a3f1f234
SHA1

181c87842ee2326fda5dcca4c7aa5da0955b18d7
SHA256

0ad9d76e97d31f30543b5c811f7facd746905fc8cd646e506d3a7e575bca39f7
SHA512

9f6d33858c6e58d8ea034d207d46f27c50fd7692bdb8a6022857d3543905aec4dde14b1e69170823d89d0c10eabbcc65425baef98b197bbb416270bf2ae5e2c0
SSDEEP

1536:TDorF6qNA3odlCVpIiGexT2i7Rz9LgsDLqzaJBt4:TDox6qrdYpIiNxHz9Lx+WW

Score

10^/10

mirai botnet

Malware Config

Extracted

Family

mirai

C2

bn.vboot.pw

Signatures

Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
botnet mirai
Reads runtime system information 1 IoCs
Reads data from /proc virtual filesystem.

Processes:

0aea222976bbc1eefc8b8e98a3f1f234.elf

description ioc process

File opened for reading /proc/self/exe 0aea222976bbc1eefc8b8e98a3f1f234.elf

/tmp/0aea222976bbc1eefc8b8e98a3f1f234.elf
/tmp/0aea222976bbc1eefc8b8e98a3f1f234.elf
1⤵
- Reads runtime system information
PID:351

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/351-1-0x00008000-0x0002ad38-memory.dmp

Download