mirai | c58e2b417a9e8aa8350dc977f1b47d0f846c23ce038716a9568c5f9546e93b8e | Triage

Analysis

max time kernel
1s
max time network
127s
platform
debian-9_armhf
resource
debian9-armhf-20221111-en
resource tags

arch:armhfimage:debian9-armhf-20221111-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
30-04-2023 08:03

Sharing

Report Analysis Logs

General

Target

5b693d06959ce60c89ab3ce56f65872b.elf
Size

36KB
MD5

5b693d06959ce60c89ab3ce56f65872b
SHA1

9fb89429a1948c2a7acbfd79017c0cc9eaec6eba
SHA256

c58e2b417a9e8aa8350dc977f1b47d0f846c23ce038716a9568c5f9546e93b8e
SHA512

c1eed232a04e1b30addb837eeca09142b9c8f100a245d318a1e3250c987b2659606caf42644127c8a6d88b4f27cbfc0c6c9da858e9e47447d29190318bd72a86
SSDEEP

768:0OeFfWYy8jO04sEOppDebxg6lNvkPieVYC06VtGPq3UIx5:0OeFfqDOpiDkq6ugj

Score

10^/10

mirai mirai botnet

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Signatures

Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
botnet mirai
Reads runtime system information 1 IoCs
Reads data from /proc virtual filesystem.

Processes:

5b693d06959ce60c89ab3ce56f65872b.elf

description ioc process

File opened for reading /proc/self/exe 5b693d06959ce60c89ab3ce56f65872b.elf

/tmp/5b693d06959ce60c89ab3ce56f65872b.elf
/tmp/5b693d06959ce60c89ab3ce56f65872b.elf
1⤵
- Reads runtime system information
PID:368

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/368-1-0x00008000-0x0002d954-memory.dmp

Download