mirai | 0383a26e29dfb15435fed0943ebbd296b0a374c07427895fc0bcb4521a5c1a95

Analysis

max time kernel
138s
max time network
141s
platform
linux_armhf
resource
debian9-armhf-en-20211208
resource tags

arch:armhfimage:debian9-armhf-en-20211208kernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
05/06/2023, 13:14

Target

01bbcb06a7d7ba63fe4c033d64810e1902bec307a38f2de6061d01db2c496782.elf
Size

136KB
MD5

fdb6c7e2fb8f98d24dc4780d72edc4d6
SHA1

2c0f896eec00941b134b6ad439a9c6eb35a148d0
SHA256

01bbcb06a7d7ba63fe4c033d64810e1902bec307a38f2de6061d01db2c496782
SHA512

62c237dd87aa9a0b624cd2ab3becdbf4827bc21e585bda12b0db1081a0c02f1a4c305ccfbac65de40436c3a8064950cdf381b976d35aa1eedac7328f3906ce20
SSDEEP

3072:FZj667iPsazSqZow3NQn1hDvpCeGYlM/9JtaasucM:FZj6V0azSqZh3N2VCeGqM/9LPpB

Score

10^/10

mirai mirai botnet

Family

mirai

Botnet

MIRAI

Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
botnet mirai

Changes its process name 1 IoCs

description	ioc	pid	Process
Changes the process name, possibly in an attempt to hide itself	a	367	01bbcb06a7d7ba63fe4c033d64810e1902bec307a38f2de6061d01db2c496782.elf

Writes file to tmp directory 1 IoCs

Malware often drops required files in the /tmp directory.

description	ioc	Process
File opened for modification	/tmp/tempb1ghNn	01bbcb06a7d7ba63fe4c033d64810e1902bec307a38f2de6061d01db2c496782.elf

/tmp/tempb1ghNn

Filesize
136KB

MD5
fdb6c7e2fb8f98d24dc4780d72edc4d6

SHA1
2c0f896eec00941b134b6ad439a9c6eb35a148d0

SHA256
01bbcb06a7d7ba63fe4c033d64810e1902bec307a38f2de6061d01db2c496782

SHA512
62c237dd87aa9a0b624cd2ab3becdbf4827bc21e585bda12b0db1081a0c02f1a4c305ccfbac65de40436c3a8064950cdf381b976d35aa1eedac7328f3906ce20

Download Submit