mirai | c58921d558ac984b9aaed00901663af39eddddb73e7f6982fdade6739dbe8aed

Analysis

max time kernel
1s
max time network
124s
platform
debian-9_armhf
resource
debian9-armhf-20230831-en
resource tags

arch:armhfimage:debian9-armhf-20230831-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
09-10-2023 20:58

Target

51efede997f84d02955384a0c78057b3.elf
Size

51KB
MD5

51efede997f84d02955384a0c78057b3
SHA1

26b6231c795564b891ce0ca8044d909d3b7bd6fb
SHA256

c58921d558ac984b9aaed00901663af39eddddb73e7f6982fdade6739dbe8aed
SHA512

3c28df8a281d2609013f817ba29cccd3b1ac408ce270fab6ecf2302526a213316c1905d646ed45ac030985fa980bd21548db582a8a496034a7766ffe4c915274
SSDEEP

768:5g9OmoWVV7GYbP+F2m+daEvUDheoXqJC3QzEaRlZ5XzoF9q3UELOdftNp8Ut4Pby:CVhaYblJfwX3spvLOWUtytGfH1

Score

10^/10

mirai sora botnet

Family

mirai

Botnet

SORA

Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
botnet mirai

Reads runtime system information 1 IoCs

Reads data from /proc virtual filesystem.

description	ioc	Process
File opened for reading	/proc/self/exe	51efede997f84d02955384a0c78057b3.elf

/tmp/51efede997f84d02955384a0c78057b3.elf
/tmp/51efede997f84d02955384a0c78057b3.elf
1⤵
- Reads runtime system information
PID:367