Analysis

  • max time kernel
    0s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240226-en
  • resource tags

    arch:armhf, image:debian9-armhf-20240226-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
  • submitted
    07-03-2024 14:25

General

  • Target

    b8f289fadbf32bcd3c562041c6b84f34a38370938140b125d692e2ff46375422

  • Size

    27KB

  • MD5

    c29b134b03dfaa86b3dfd4f680600ea2

  • SHA1

    d7bb6a336524fdaecbb5a30fc112b762504e6cec

  • SHA256

    b8f289fadbf32bcd3c562041c6b84f34a38370938140b125d692e2ff46375422

  • SHA512

    6facb2205e6d991e4456f389c24daa439bc9c0c96cfc8743d553155e56c1944284140bd92f98189c896dcbb962eb01f492c75449e47fca850c12bab08a193afd

  • SSDEEP

    768:9ZqbD9poewFRgjRm6O7NxKnSXQnqgfs3Uozo:9s/9KgV+jDXQqvzo

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

SORA

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Reads runtime system information (1 IoC)

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/b8f289fadbf32bcd3c562041c6b84f34a38370938140b125d692e2ff46375422
    • Reads runtime system information
    PID:662

Network

MITRE ATT&CK Matrix

Downloads

  • memory/662-1-0x00008000-0x00020ff8-memory.dmp