mirai | 180632c85d78d71b08d1695d1e335077a987a8cccae000624a5103f83390aa37 | Triage

Analysis

max time kernel
0s
max time network
137s
platform
ubuntu-20.04_amd64
resource
ubuntu2004-amd64-20240508-en
resource tags

arch:amd64arch:i386image:ubuntu2004-amd64-20240508-enkernel:5.4.0-169-genericlocale:en-usos:ubuntu-20.04-amd64system
submitted
15-11-2024 02:13

Sharing

Report Analysis Logs

General

Target

180632c85d78d71b08d1695d1e335077a987a8cccae000624a5103f83390aa37.elf
Size

1KB
MD5

481cf74d282ea849b894c8d42bfa5a3f
SHA1

e6b10d3e688cf68f0a9d23cdfa1b69e057a66416
SHA256

180632c85d78d71b08d1695d1e335077a987a8cccae000624a5103f83390aa37
SHA512

d49b95e21f6a18167e20c2020d0066ac95ac7a3e922b9a1b2e526e1ebc18eaa7164f31a145bfce1e40d7f1f648ce7a6c71996ed7cbcd77c39aada3decac06172

Score

10^/10

mirai lzrd botnet

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
botnet mirai
Mirai family
mirai

Writes file to tmp directory 1 IoCs

Malware often drops required files in the /tmp directory.

description	ioc	Process
File opened for modification	/tmp/byte	180632c85d78d71b08d1695d1e335077a987a8cccae000624a5103f83390aa37.elf

/tmp/180632c85d78d71b08d1695d1e335077a987a8cccae000624a5103f83390aa37.elf
/tmp/180632c85d78d71b08d1695d1e335077a987a8cccae000624a5103f83390aa37.elf
1⤵
- Writes file to tmp directory
PID:1396

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/tmp/byte

Filesize
95KB

MD5
34ef09c6bfa12c8bb0a4eb1111163f49

SHA1
374e5712df7fba870afd7c7897c5bc23ba205f61

SHA256
537907609ffc903d04b1aa5309d9bd02b95a31f343763ae83cd61f9c1b797438

SHA512
4aecdc6165268aa3a214581b5bb1311ebd17b9a7f573fc45a914fd3c1b7c38faffbe7ca21628ca37752417c8270a66fa34d544a4e315271f462dd31953bd902f

Download Submit