mirai | 09048d7f11324973d1e81b6fe19e5788c952e930c4ad35ec374443ba64e099f8 | Triage

Analysis

max time kernel
0s
platform
debian-9_armhf
resource
debian9-armhf-20240611-en
resource tags

arch:armhfimage:debian9-armhf-20240611-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
04-11-2024 02:38

Sharing

Report Analysis Logs

General

Target

8eba3baa57190521282d6224ffddc8e2_JaffaCakes118
Size

28KB
MD5

8eba3baa57190521282d6224ffddc8e2
SHA1

1172cce13a526695ca43ede1da2223ff9253f201
SHA256

09048d7f11324973d1e81b6fe19e5788c952e930c4ad35ec374443ba64e099f8
SHA512

fbfbfca3fa88d824b6f416670d9f989f33a5119bbb79372ce623b3ce558e3e4b89bc01fe570a8ffce8ae1214fd5ac834f58228cd9fa84e3f20e849c80ffc5285
SSDEEP

768:EusHfRavjynNKnjFcZIhQzhKMXge9q3UEL7k:WRwynNIOQQ1KMwDLA

Score

10^/10

mirai sora botnet discovery

Malware Config

Extracted

Family

mirai

Botnet

SORA

Signatures

Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
botnet mirai
Mirai family
mirai

Reads runtime system information 1 IoCs

Reads data from /proc virtual filesystem.

description	ioc	Process
File opened for reading	/proc/self/exe	8eba3baa57190521282d6224ffddc8e2_JaffaCakes118

/tmp/8eba3baa57190521282d6224ffddc8e2_JaffaCakes118
/tmp/8eba3baa57190521282d6224ffddc8e2_JaffaCakes118
1⤵
- Reads runtime system information
PID:651

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads