mirai | 39467fd88ee608d2a8a5d2bb9332c14d1d4a821d7456fb942792dfb1512db755

Analysis

max time kernel
2s
platform
debian-9_armhf
resource
debian9-armhf-20231215-en
resource tags

arch:armhfimage:debian9-armhf-20231215-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
19/12/2023, 22:39

Target

1bd99a6cbc1273a3a5887ef0ccf1bf2f
Size

34KB
MD5

1bd99a6cbc1273a3a5887ef0ccf1bf2f
SHA1

d6ba2ba32e3041dacde11af168632f684b8ab006
SHA256

39467fd88ee608d2a8a5d2bb9332c14d1d4a821d7456fb942792dfb1512db755
SHA512

295d977b13e3aadd3fd18f85a484227a83efc4f7b405d986d96686d2d0b24486b13c537230102cb84ba0ce9dd6d1752ea46fdac5ac1185ce22ee26dd9c16ee42
SSDEEP

768:Ql2EiLFFPw3F62Tz1L0Qq9Ccxj10uPlMtccKydxIq3UIoi:Ql2EiLFFY1lTzqP9Z50ntpKO9l

Score

10^/10

mirai sora botnet

Family

mirai

Botnet

SORA

Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
botnet mirai

Reads runtime system information 1 IoCs

Reads data from /proc virtual filesystem.

description	ioc	Process
File opened for reading	/proc/self/exe	1bd99a6cbc1273a3a5887ef0ccf1bf2f

/tmp/1bd99a6cbc1273a3a5887ef0ccf1bf2f
/tmp/1bd99a6cbc1273a3a5887ef0ccf1bf2f
1⤵
- Reads runtime system information
PID:656