mirai | 1dc0f1bd0cbb76ad885d6db14c9f91d4ba65eb2ee8b1d1c2cd8628a78b9ec160 | Triage

Analysis

max time kernel
0s
platform
debian-9_armhf
resource
debian9-armhf-20240221-en
resource tags

arch:armhfimage:debian9-armhf-20240221-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
24-02-2024 13:57

Sharing

Report Analysis Logs

General

Target

02a3b0a27474e2f614ee4ca86a17a458.elf
Size

26KB
MD5

02a3b0a27474e2f614ee4ca86a17a458
SHA1

01fee42f9f8e003b0a13dcb3c802ef745f653e38
SHA256

1dc0f1bd0cbb76ad885d6db14c9f91d4ba65eb2ee8b1d1c2cd8628a78b9ec160
SHA512

ce9962c231dc1b01e42e530d41dde3b51bd24fd1a35c0b1bd896ccfdc2be588c226f460965affc084457f0ab6c7e64078be45d4c5e668ba7013ca00a572cebfe
SSDEEP

768:JMKyhegCCMqfizjoNpd2vJdX6vwrf9q3UELu0:OKy4qfqoeJdXWgOLB

Score

10^/10

mirai lzrd botnet

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
botnet mirai
Reads runtime system information 1 IoCs
Reads data from /proc virtual filesystem.

Processes:

02a3b0a27474e2f614ee4ca86a17a458.elf

description ioc process

File opened for reading /proc/self/exe 02a3b0a27474e2f614ee4ca86a17a458.elf

/tmp/02a3b0a27474e2f614ee4ca86a17a458.elf
/tmp/02a3b0a27474e2f614ee4ca86a17a458.elf
1⤵
- Reads runtime system information
PID:661

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/661-1-0x00008000-0x000228c4-memory.dmp

Download