mirai | 41a17b0e5b0f67166d9cb1ea23a9cf96c9a43def0c49f06d1186451ec51de887 | Triage

Analysis

max time kernel
0s
max time network
132s
platform
ubuntu-22.04_amd64
resource
ubuntu2204-amd64-20240611-en
resource tags

arch:amd64arch:i386image:ubuntu2204-amd64-20240611-enkernel:5.15.0-105-genericlocale:en-usos:ubuntu-22.04-amd64system
submitted
01-11-2024 14:07

Sharing

Report Analysis Logs

General

Target

dlr.x86.elf
Size

1KB
MD5

97507bf95e3bf8136ad1423206c3422f
SHA1

0f8338720e2c1ca030801106b4b064f65748e051
SHA256

41a17b0e5b0f67166d9cb1ea23a9cf96c9a43def0c49f06d1186451ec51de887
SHA512

0621ca13e383d7542124c5d64f9992f326616f3937da10e1d9bca2ce42caad371d677a2fb7422c68631fc308f508debca7efd95566541543c12e91ba83b63f10

Score

10^/10

mirai sora botnet

Malware Config

Extracted

Family

mirai

Botnet

SORA

Signatures

Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
botnet mirai
Mirai family
mirai
Writes file to tmp directory 1 IoCs
Malware often drops required files in the /tmp directory.

Processes:

dlr.x86.elf

description ioc process

File opened for modification /tmp/byte dlr.x86.elf

/tmp/dlr.x86.elf
/tmp/dlr.x86.elf
1⤵
- Writes file to tmp directory
PID:1595

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/tmp/byte

Filesize
67KB

MD5
42ee3a41075c1e2843832503e42bb4b2

SHA1
4c26459b46bfda851190129a727a1c30b59fa748

SHA256
f1c2406c1bf48ba5466b0767ff353d082176db683000e097efd374c6a4e9a9f3

SHA512
c781778bc795ae2af21eea8a1ba01f3e1d0c65da079966e59a3a5b0c8659168d56546ae535417704db7119cdb1b5305b4aa7fb7269a316789714a8e3096d87ea

Download Submit