mirai | ab6bc60882898b002f749bc3bfec4a82f4f64693533c093b275f0bb9b6d492e5

Analysis

max time kernel
0s
platform
debian-9_armhf
resource
debian9-armhf-20240226-en
resource tags

arch:armhfimage:debian9-armhf-20240226-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
12-03-2024 04:04

Target

c26784faf48f635e98dd3ebbef15562b
Size

27KB
MD5

c26784faf48f635e98dd3ebbef15562b
SHA1

6af6eb1a38d623cb857b31e9b300512d3b973390
SHA256

ab6bc60882898b002f749bc3bfec4a82f4f64693533c093b275f0bb9b6d492e5
SHA512

a0b5cafc79d3f4e55c62bcd2dab132c41627a70778fa9f772b937f43619c86520f3b6850a46af4e4ca52eaae6f527a12cdcddfdec43de4aeea71285b563e2672
SSDEEP

384:LcjUnFBzG1/lDf+BDdGYbidMhegr2JEm1STResWEbXYBdbuXhymdGUop5hS:LcjEq9iBDdFpMWGb1SwhYXYBZ6s3Uozc

Score

10^/10

mirai sora botnet

Family

mirai

Botnet

SORA

Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
botnet mirai
Reads runtime system information 1 IoCs
Reads data from /proc virtual filesystem.

Processes:

c26784faf48f635e98dd3ebbef15562b

description ioc process

File opened for reading /proc/self/exe c26784faf48f635e98dd3ebbef15562b

description	ioc	process
File opened for reading	/proc/self/exe	c26784faf48f635e98dd3ebbef15562b

/tmp/c26784faf48f635e98dd3ebbef15562b
/tmp/c26784faf48f635e98dd3ebbef15562b
1⤵
- Reads runtime system information
PID:650