mirai | 6a3794285a323a3a8b635df36220ac90ab69b0e390da5cd739bfdb98eb3bc5ad | Triage

Analysis

max time kernel
0s
platform
debian-9_armhf
resource
debian9-armhf-20240226-en
resource tags

arch:armhfimage:debian9-armhf-20240226-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
25-03-2024 11:47

Sharing

Report Analysis Logs

General

Target

ddef3719ad5cbf493a4342f1f06fc379
Size

30KB
MD5

ddef3719ad5cbf493a4342f1f06fc379
SHA1

10590b15dd0f22723b4031c127981450f1b7c37b
SHA256

6a3794285a323a3a8b635df36220ac90ab69b0e390da5cd739bfdb98eb3bc5ad
SHA512

e7074971dcc8c0750417df896cd7c41215b6cb18abfbec1899e875de50157770201c2d060c522a42e8e4b273093d3b18390e6c610399fa9e41c5499f9f772cc8
SSDEEP

768:GF3xwD4ZsDHoiFrAk0By68vKCsSvNE9q3UELEQ:GFnEHtrr68vKfqtL5

Score

10^/10

mirai sora botnet

Malware Config

Extracted

Family

mirai

Botnet

SORA

Signatures

Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
botnet mirai
Reads runtime system information 1 IoCs
Reads data from /proc virtual filesystem.

Processes:

ddef3719ad5cbf493a4342f1f06fc379

description ioc process

File opened for reading /proc/self/exe ddef3719ad5cbf493a4342f1f06fc379

/tmp/ddef3719ad5cbf493a4342f1f06fc379
/tmp/ddef3719ad5cbf493a4342f1f06fc379
1⤵
- Reads runtime system information
PID:659

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/659-1-0x00008000-0x0002bbdc-memory.dmp

Download