mirai | c0bb9138cb6d6fd4b33d7c035c9e5aa1a398875fa0ced47daa1036c8b7bcb8d0

Analysis

max time kernel
1s
max time network
126s
platform
debian-9_armhf
resource
debian9-armhf-20230831-en
resource tags

arch:armhfimage:debian9-armhf-20230831-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
12/10/2023, 21:45

Target

c0bb9138cb6d6fd4b33d7c035c9e5aa1a398875fa0ced47daa1036c8b7bcb8d0elf_JC.elf
Size

58KB
MD5

3a476aa135cb18a9cd58951ccb018b44
SHA1

f501b93fd9f540c4c0be45bb5400fc0270f1fee4
SHA256

c0bb9138cb6d6fd4b33d7c035c9e5aa1a398875fa0ced47daa1036c8b7bcb8d0
SHA512

5aa2da1e5eae4d07f95ed04f556a8fb57a8b60046c06c33a7f485bb2d1be356ddc04b886ef0850f4ba62de53129b5ae81d427109f0009a0408c1626b2a860d6f
SSDEEP

1536:zcm7hsB563TK2ERHiGS/odGDJEG7dLqG9OEjxTyr/wgp:Nh80PE+/h2GJLqG9OEFycgp

Score

10^/10

mirai botnet

Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
botnet mirai

Reads runtime system information 1 IoCs

Reads data from /proc virtual filesystem.

description	ioc	Process
File opened for reading	/proc/self/exe	c0bb9138cb6d6fd4b33d7c035c9e5aa1a398875fa0ced47daa1036c8b7bcb8d0elf_JC.elf

/tmp/c0bb9138cb6d6fd4b33d7c035c9e5aa1a398875fa0ced47daa1036c8b7bcb8d0elf_JC.elf
/tmp/c0bb9138cb6d6fd4b33d7c035c9e5aa1a398875fa0ced47daa1036c8b7bcb8d0elf_JC.elf
1⤵
- Reads runtime system information
PID:367