mirai | fd34a02657dc2cf7b37cb39eb21b2eecd643100a171a2ea2611d1137b756f391 | Triage

Analysis

max time kernel
1s
max time network
127s
platform
debian-9_armhf
resource
debian9-armhf-20221125-en
resource tags

arch:armhfimage:debian9-armhf-20221125-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
08/06/2023, 21:03

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

075bacd5f284f58f225917e5bd1bd706.elf
Size

26KB
MD5

075bacd5f284f58f225917e5bd1bd706
SHA1

de61d765cd680596be0b5b90e826aca8c867bd23
SHA256

fd34a02657dc2cf7b37cb39eb21b2eecd643100a171a2ea2611d1137b756f391
SHA512

343c0b932923afdc9d09721d50da53652d6acb9c33e8ea5787f991a49af183ac57d18503ee448b1d2733ef2a5cbb54f8bb6f72148e3bf6a274d5e1451f395fbf
SSDEEP

768:RMKyhegCCMqf1MFTd/14teAp909q3UELu0:GKy4qf1kTp14teAJL5

Score

10^/10

mirai lzrd botnet

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
botnet mirai

Reads runtime system information 1 IoCs

Reads data from /proc virtual filesystem.

description	ioc	Process
File opened for reading	/proc/self/exe	075bacd5f284f58f225917e5bd1bd706.elf

/tmp/075bacd5f284f58f225917e5bd1bd706.elf
/tmp/075bacd5f284f58f225917e5bd1bd706.elf
1⤵
- Reads runtime system information
PID:362

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads