mirai | 171c7dd7883ba8fe53b32c9b8ce826d5cb851e7a09b06b664f06cb286e9fdff6

Analysis

max time kernel
1s
max time network
124s
platform
linux_armhf
resource
debian9-armhf-en-20211208
resource tags

arch:armhfimage:debian9-armhf-en-20211208kernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
03-06-2023 08:02

Target

b27a022ba7b0454864f318a9f4f84519.elf
Size

50KB
MD5

b27a022ba7b0454864f318a9f4f84519
SHA1

feb7c5f3beb361d740afb14bb498a76eece65e9e
SHA256

171c7dd7883ba8fe53b32c9b8ce826d5cb851e7a09b06b664f06cb286e9fdff6
SHA512

d400ee33118acb133309ed57e804c517846abb7986e955a79543dc7c26c14f50734232e92d9d796598856d2d6f8d6391fa1c9c1138cacd70cb7527466d09553f
SSDEEP

768:Y8koxBeDI8DosjvMifAw90DDrrpS64nxC8QLni49q3UEL7AE7cBWJ3h556VlVJPN:Y8bwfDZMRw9oDUhFAnwLEE7kEAVlVp64

Score

10^/10

mirai botnet

Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
botnet mirai
Reads runtime system information 1 IoCs
Reads data from /proc virtual filesystem.

Processes:

b27a022ba7b0454864f318a9f4f84519.elf

description ioc process

File opened for reading /proc/self/exe b27a022ba7b0454864f318a9f4f84519.elf

description	ioc	process
File opened for reading	/proc/self/exe	b27a022ba7b0454864f318a9f4f84519.elf

/tmp/b27a022ba7b0454864f318a9f4f84519.elf
/tmp/b27a022ba7b0454864f318a9f4f84519.elf
1⤵
- Reads runtime system information
PID:367