mirai | a93ea3bd1c97ecba63c0697f6fa2fd84ba1f7fbae6108a623355ee0193b32425 | Triage

Analysis

max time kernel
1s
max time network
129s
platform
ubuntu-22.04_amd64
resource
ubuntu2204-amd64-20240729-en
resource tags

arch:amd64arch:i386image:ubuntu2204-amd64-20240729-enkernel:5.15.0-105-genericlocale:en-usos:ubuntu-22.04-amd64system
submitted
10-11-2024 02:51

Sharing

Report Analysis Logs

General

Target

a93ea3bd1c97ecba63c0697f6fa2fd84ba1f7fbae6108a623355ee0193b32425.elf
Size

1KB
MD5

80d257be5f3e8a6791c2133149805092
SHA1

b5fc7f50fda7ed36dc2f16df9e669fcb561d740e
SHA256

a93ea3bd1c97ecba63c0697f6fa2fd84ba1f7fbae6108a623355ee0193b32425
SHA512

239922227b4df05d316ef69e99daef8de8531360cfa0201134d8013a0a3c8c14f962db07c33e2ec8f25b93a003c6b19b7af1d405d4621025060aa98bfeee9cb2

Score

10^/10

mirai lzrd botnet

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
botnet mirai
Mirai family
mirai

Writes file to tmp directory 1 IoCs

Malware often drops required files in the /tmp directory.

Processes:

a93ea3bd1c97ecba63c0697f6fa2fd84ba1f7fbae6108a623355ee0193b32425.elf

description	ioc	Process
File opened for modification	/tmp/byte	a93ea3bd1c97ecba63c0697f6fa2fd84ba1f7fbae6108a623355ee0193b32425.elf

/tmp/a93ea3bd1c97ecba63c0697f6fa2fd84ba1f7fbae6108a623355ee0193b32425.elf
/tmp/a93ea3bd1c97ecba63c0697f6fa2fd84ba1f7fbae6108a623355ee0193b32425.elf
1⤵
- Writes file to tmp directory
PID:1570

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/tmp/byte

Filesize
95KB

MD5
34ef09c6bfa12c8bb0a4eb1111163f49

SHA1
374e5712df7fba870afd7c7897c5bc23ba205f61

SHA256
537907609ffc903d04b1aa5309d9bd02b95a31f343763ae83cd61f9c1b797438

SHA512
4aecdc6165268aa3a214581b5bb1311ebd17b9a7f573fc45a914fd3c1b7c38faffbe7ca21628ca37752417c8270a66fa34d544a4e315271f462dd31953bd902f

Download Submit