mirai | e078756fbaca8263b1d39b63bccbd33ccdf9f9f72bb07e81a769a0b4562b5564 | Triage

Analysis

max time kernel
0s
platform
debian-9_armhf
resource
debian9-armhf-20240221-en
resource tags

arch:armhfimage:debian9-armhf-20240221-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
22-02-2024 08:55

Sharing

Report Analysis Logs

General

Target

bbbc9e97b744ccac18318ac426220b44.elf
Size

26KB
MD5

bbbc9e97b744ccac18318ac426220b44
SHA1

87c849332ed55a37652700a4be283cd84638c0e2
SHA256

e078756fbaca8263b1d39b63bccbd33ccdf9f9f72bb07e81a769a0b4562b5564
SHA512

0e73cbe9e5d21cd5891f988ac1b28ec7cd6f60c3330a7d5f737b07a923dbd3de27a60c4a33e4d41a550e3e95aef907f88623c60168e35b852174d143d80b4d04
SSDEEP

768:eMKyhegCCMqfizjoNpd2vJdX6vwrg9q3UELua:NKy4qfqoeJdXWgpLX

Score

10^/10

mirai lzrd botnet

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
botnet mirai
Reads runtime system information 1 IoCs
Reads data from /proc virtual filesystem.

Processes:

bbbc9e97b744ccac18318ac426220b44.elf

description ioc process

File opened for reading /proc/self/exe bbbc9e97b744ccac18318ac426220b44.elf

/tmp/bbbc9e97b744ccac18318ac426220b44.elf
/tmp/bbbc9e97b744ccac18318ac426220b44.elf
1⤵
- Reads runtime system information
PID:638

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/638-1-0x00008000-0x000228c4-memory.dmp

Download