mirai | b8294955f748f52d758276a43af57b181ea449645b2bef0b58d4cda6d2ccbfbb

Analysis

max time kernel
0s
max time network
124s
platform
debian-9_mipsel
resource
debian9-mipsel-20221125-en
resource tags

arch:mipselimage:debian9-mipsel-20221125-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem
submitted
19-05-2023 19:36

Target

2888ffd4ffc082313f782a5c7db8e802.elf
Size

29KB
MD5

2888ffd4ffc082313f782a5c7db8e802
SHA1

66bd74d8e69fdb25d6a993b1d668db7e52015827
SHA256

b8294955f748f52d758276a43af57b181ea449645b2bef0b58d4cda6d2ccbfbb
SHA512

6dd2a58f7ed0930948f31a9a4b3034fc3836cc83c575885a22daaec92aa5203544d08f7ad5327d78acc569e805e431a56e72829a4cb2ba7a2dd6fd41e1af2d10
SSDEEP

768:K1uUtLrVDsAp6tLkF4FuetwEub4sU/M9g36KN1o/bJbpWGPOe:KbDs06t4BEub4sU/MbU1OzPF

Score

10^/10

mirai sora botnet

Family

mirai

Botnet

SORA

Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
botnet mirai
Reads runtime system information 1 IoCs
Reads data from /proc virtual filesystem.

Processes:

2888ffd4ffc082313f782a5c7db8e802.elf

description ioc process

File opened for reading /proc/self/exe 2888ffd4ffc082313f782a5c7db8e802.elf

description	ioc	process
File opened for reading	/proc/self/exe	2888ffd4ffc082313f782a5c7db8e802.elf

/tmp/2888ffd4ffc082313f782a5c7db8e802.elf
/tmp/2888ffd4ffc082313f782a5c7db8e802.elf
1⤵
- Reads runtime system information
PID:327