mirai | 21b943692ebf76413ae62a66099a6d9f26965e1c0de79c98a2a3399cdbce24ad | Triage

Analysis

max time kernel
3s
platform
debian-9_armhf
resource
debian9-armhf-20231215-en
resource tags

arch:armhfimage:debian9-armhf-20231215-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
20/12/2023, 03:28

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

80d9533ae0e815bba2672474477cd4c3
Size

32KB
MD5

80d9533ae0e815bba2672474477cd4c3
SHA1

728fde82c23823ef4e67ceeaf5cf5b7060e34bee
SHA256

21b943692ebf76413ae62a66099a6d9f26965e1c0de79c98a2a3399cdbce24ad
SHA512

8b96a08ef9f8918db8466d9a7634fd086536e5781330d23a1abea30a3ccbe0f448d4421398cd5c0f0d638b6586ac94d4e382a2308c9682eb8581eb089df25b5e
SSDEEP

768:IP4wpZ3B4z7OntPsFqEfWjttZw5cemIg19q3U7uQA:E4wxFntEwtZaof8

Score

10^/10

mirai sora botnet

Malware Config

Extracted

Family

mirai

Botnet

SORA

Signatures

Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
botnet mirai

Reads runtime system information 1 IoCs

Reads data from /proc virtual filesystem.

description	ioc	Process
File opened for reading	/proc/self/exe	80d9533ae0e815bba2672474477cd4c3

/tmp/80d9533ae0e815bba2672474477cd4c3
/tmp/80d9533ae0e815bba2672474477cd4c3
1⤵
- Reads runtime system information
PID:674

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads