mirai | 2032c79092417154a576487fb7397e4a4101422172e490fc4a8f13dba5ab145f | Triage

Analysis

max time kernel
1s
max time network
126s
platform
debian-9_armhf
resource
debian9-armhf-20221111-en
resource tags

arch:armhfimage:debian9-armhf-20221111-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
29-05-2023 16:20

Sharing

Report Analysis Logs

General

Target

0e257e171ea8fe922e0aef24e264812a.elf
Size

26KB
MD5

0e257e171ea8fe922e0aef24e264812a
SHA1

bb3e8bef664b46b59688a7fcf3735a5cda472fc0
SHA256

2032c79092417154a576487fb7397e4a4101422172e490fc4a8f13dba5ab145f
SHA512

bc133f78348e3ce016b1076d11d98e4fa493e9596449cda56f3d6e2d3151fc6100a8566998a318c6a87fada3d944ce63de4b9c48b95955de2bbb551410f8b109
SSDEEP

768:6eFVPf1vHN6meIMxAZ1oXO56wtd9q3UEL3i:JPfZtDe0ZgO56NLy

Score

10^/10

mirai lzrd botnet

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
botnet mirai
Reads runtime system information 1 IoCs
Reads data from /proc virtual filesystem.

Processes:

0e257e171ea8fe922e0aef24e264812a.elf

description ioc process

File opened for reading /proc/self/exe 0e257e171ea8fe922e0aef24e264812a.elf

/tmp/0e257e171ea8fe922e0aef24e264812a.elf
/tmp/0e257e171ea8fe922e0aef24e264812a.elf
1⤵
- Reads runtime system information
PID:368

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/368-1-0x00008000-0x000228c4-memory.dmp

Download