mirai | 5b323f9ff758c2eef56897d51d0b732eb495fb1b6a5b760c5fce3fcdf14af8ff | Triage

Analysis

max time kernel
2s
max time network
126s
platform
linux_armhf
resource
debian9-armhf-en-20211208
resource tags

arch:armhfimage:debian9-armhf-en-20211208kernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
01-05-2023 12:14

Sharing

Report Analysis Logs

General

Target

a40f7d457e155807e6e8ef526a085405
Size

26KB
MD5

a40f7d457e155807e6e8ef526a085405
SHA1

da9294f7d2ca1fb0eba8050b3b3ec4c106053984
SHA256

5b323f9ff758c2eef56897d51d0b732eb495fb1b6a5b760c5fce3fcdf14af8ff
SHA512

4009abd1786a1866ec50603823698c861c48da711e9e967d3dac6db4ba4ba49702d28c5893a6d096b8b6ada9f1977366c8a7f2ca7ac2ce2500de0f3635d700df
SSDEEP

768:eMKyhegCCMqfizjoNpd2vJdX6vwrs9q3UELuk:NKy4qfqoeJdXWg1LB

Score

10^/10

mirai lzrd botnet

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
botnet mirai
Reads runtime system information 1 IoCs
Reads data from /proc virtual filesystem.

Processes:

a40f7d457e155807e6e8ef526a085405

description ioc process

File opened for reading /proc/self/exe a40f7d457e155807e6e8ef526a085405

/tmp/a40f7d457e155807e6e8ef526a085405
/tmp/a40f7d457e155807e6e8ef526a085405
1⤵
- Reads runtime system information
PID:351

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/351-1-0x00008000-0x000228c4-memory.dmp

Download