mirai | 849c3314d5d459cb55cd3fe87b88b5a8a62067e1a7e9b70db38b86aa4adf6fcf | Triage

Analysis

max time kernel
3s
platform
debian-9_armhf
resource
debian9-armhf-20231215-en
resource tags

arch:armhfimage:debian9-armhf-20231215-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
20-12-2023 12:54

Sharing

Report Analysis Logs

General

Target

b513760b99d8914f6cfd4913fb3bd533
Size

26KB
MD5

b513760b99d8914f6cfd4913fb3bd533
SHA1

acd796f882dc2baa1f8ff25495520e1adf972249
SHA256

849c3314d5d459cb55cd3fe87b88b5a8a62067e1a7e9b70db38b86aa4adf6fcf
SHA512

b65b04e0ec970e98d251dc7daf1f56a4bd54c980cc3096b0f2f439275f745d8147c44f529182c4b67cc3da1e8f1a24cdd71c04067fefaa3397cc207bcf490d10
SSDEEP

768:/0duC2NC5ROQMFdEgph5O7nhONFUdNqs3Uozs:xC2qROQMFdEgp0UQdFzs

Score

10^/10

mirai botnet

Malware Config

Signatures

Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
botnet mirai
Reads runtime system information 1 IoCs
Reads data from /proc virtual filesystem.

Processes:

b513760b99d8914f6cfd4913fb3bd533

description ioc process

File opened for reading /proc/self/exe b513760b99d8914f6cfd4913fb3bd533

/tmp/b513760b99d8914f6cfd4913fb3bd533
/tmp/b513760b99d8914f6cfd4913fb3bd533
1⤵
- Reads runtime system information
PID:675

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/675-1-0x00008000-0x00021b40-memory.dmp

Download