Analysis

  • max time kernel
    0s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240611-en
  • resource tags

    arch:armhf image:debian9-armhf-20240611-en kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system
  • submitted
    12-07-2024 16:31

General

  • Target

    sora.arm5

  • Size

    26KB

  • MD5

    b4ad4c8fea78fc4ccac729e261bf6698

  • SHA1

    c5f5ef5db348d6524b74bc45ca6767a9d6634cdf

  • SHA256

    cf4fe494238f2f4ca2c6c942c7a02dcaa8f37251b8be58167054c92f3e0cd2b7

  • SHA512

    315cd670c4bb573b25ea92c731e9649a7c2b0d889770fdcbd981739bf29077887c76d28d7c81dd41032d3fe5638c64b75d0498c3b46def131deabc5bc8d2fb34

  • SSDEEP

    384:rhrVOGIg161jHO+tA+ScY4St6U4ANNcxZHsNSvb+rODIPrb/UISzU6YC4bxICpr5:vuvs4St6mBwvb+CEb/LN6yR/s3UozLGN

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

Processes

  • /tmp/sora.arm5
    /tmp/sora.arm5
      PID:639

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/639-1-0x00008000-0x000214e8-memory.dmp