mirai | 77129ed7d7387967fb20407318e5c564a6181221013d6d8fa32495d6dbbf65ca | Triage

Analysis

max time kernel
1s
max time network
124s
platform
linux_armhf
resource
debian9-armhf-en-20211208
resource tags

arch:armhfimage:debian9-armhf-en-20211208kernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
08/07/2023, 22:07

Sharing

Report Analysis Logs

General

Target

12f726a5d075b6556771b221066d6ee0.elf
Size

32KB
MD5

12f726a5d075b6556771b221066d6ee0
SHA1

668ea4622f98561873a4ad2c1fa51e5cb4e8eeec
SHA256

77129ed7d7387967fb20407318e5c564a6181221013d6d8fa32495d6dbbf65ca
SHA512

f6a972e49fccb26bf46c4110a09021cd45f5c9a21e0c79c9154059f4eae5b7f88aac5f8ef3549f55967f92196006ae36b0db208737a2468a57e987ff5a077cda
SSDEEP

768:LfNvClPnQ105vC99vKCtVNa0LrBdHHPNT4A9q3UELjT:LQlP6KM9vBlTHvNT4JLX

Score

10^/10

mirai sora botnet

Malware Config

Extracted

Family

mirai

Botnet

SORA

Signatures

Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
botnet mirai

Reads runtime system information 1 IoCs

Reads data from /proc virtual filesystem.

description	ioc	Process
File opened for reading	/proc/self/exe	12f726a5d075b6556771b221066d6ee0.elf

/tmp/12f726a5d075b6556771b221066d6ee0.elf
/tmp/12f726a5d075b6556771b221066d6ee0.elf
1⤵
- Reads runtime system information
PID:368

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads