mirai | fe648e686f068122a8c279dce6488258b16c97c3b116c9f5e40f35680ebe77a9 | Triage

Analysis

max time kernel
2s
platform
debian-9_armhf
resource
debian9-armhf-20231215-en
resource tags

arch:armhfimage:debian9-armhf-20231215-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
19-12-2023 23:01

Sharing

Report Analysis Logs

General

Target

3e32d17b23ac9a3a34d012ae9a744a05
Size

26KB
MD5

3e32d17b23ac9a3a34d012ae9a744a05
SHA1

b2619b9a4daf33a16dc4b9874dedff9d518ea5be
SHA256

fe648e686f068122a8c279dce6488258b16c97c3b116c9f5e40f35680ebe77a9
SHA512

3e1fe4ae4c4fe8f7217edaec013e720e4c1b6ca038704fe9ef8b4d4e2189a8ee41a916c468310127607a3e39cf07fb1ace69d04a08300e26b8f1fcd81bed4a41
SSDEEP

768:HUiP32l+kHlHzwxv8WlL75TTNQ2UlFwQJPcj3UMe:Hb4+kHS80QlFweUS

Score

10^/10

mirai unstable botnet

Malware Config

Extracted

Family

mirai

Botnet

UNSTABLE

C2

cnc.casualaffinity.net

scan.casualaffinity.net

Signatures

Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
botnet mirai

Reads runtime system information 1 IoCs

Reads data from /proc virtual filesystem.

description	ioc	Process
File opened for reading	/proc/self/exe	3e32d17b23ac9a3a34d012ae9a744a05

/tmp/3e32d17b23ac9a3a34d012ae9a744a05
/tmp/3e32d17b23ac9a3a34d012ae9a744a05
1⤵
- Reads runtime system information
PID:638

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads