mirai | 269085125a6c9a91ff1a2b3c3d57681e34daf75d67a62f7042708faf7ec72503

Analysis

max time kernel
2s
max time network
126s
platform
linux_armhf
resource
debian9-armhf-en-20211208
resource tags

arch:armhfimage:debian9-armhf-en-20211208kernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
30-04-2023 21:48

Target

8264510459d6273026dccfdb29ea2460.elf
Size

46KB
MD5

8264510459d6273026dccfdb29ea2460
SHA1

71fba255c75571d777436cd11377d92c09e18941
SHA256

269085125a6c9a91ff1a2b3c3d57681e34daf75d67a62f7042708faf7ec72503
SHA512

0882bc255bbb28efd11e082ce1d4e09c0e8e84a5d3ebc493edbb8797a1a8ae47a4b124c085bc9ddbb7453cb4ce8cf08efa6387eb3eb08625256cc2e4986c6b96
SSDEEP

768:XLj9uq73up+4+Bdxt4E2kczKl9XzysNURf6aY82Wj6Kld7Z5Wuf1v4xNrNpDLLRs:bj5LurqIKpNUN6aYBILetXRaWFLo

Score

10^/10

mirai kyton botnet

Family

mirai

Botnet

KYTON

Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
botnet mirai
Reads runtime system information 1 IoCs
Reads data from /proc virtual filesystem.

Processes:

8264510459d6273026dccfdb29ea2460.elf

description ioc process

File opened for reading /proc/self/exe 8264510459d6273026dccfdb29ea2460.elf

description	ioc	process
File opened for reading	/proc/self/exe	8264510459d6273026dccfdb29ea2460.elf

/tmp/8264510459d6273026dccfdb29ea2460.elf
/tmp/8264510459d6273026dccfdb29ea2460.elf
1⤵
- Reads runtime system information
PID:351