mirai | 37af77f7a68281ee447229b93af9848df6a1f428438b8008db561411bfcc4aa5 | Triage

Analysis

max time kernel
7s
max time network
25s
platform
debian-12_mipsel
resource
debian12-mipsel-20240221-en
resource tags

arch:mipselimage:debian12-mipsel-20240221-enkernel:6.1.0-17-4kc-maltalocale:en-usos:debian-12-mipselsystem
submitted
15-11-2024 02:21

Sharing

Report Analysis Logs

General

Target

37af77f7a68281ee447229b93af9848df6a1f428438b8008db561411bfcc4aa5.elf
Size

1KB
MD5

c1d2dc8e7e1be67babb6396c643647c1
SHA1

2aa4e44e908ae253a8e7e266aae6ba3110b960bc
SHA256

37af77f7a68281ee447229b93af9848df6a1f428438b8008db561411bfcc4aa5
SHA512

71123bc18d30d82eee38d6889c1c4292d7672942299cb84b874ec1cb0ac7eed866b0f09f93a42a7149ad789613726a4967c0de0be43f0fc41fb3826ec93f2e79

Score

10^/10

mirai lzrd botnet

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
botnet mirai
Mirai family
mirai

Writes file to tmp directory 1 IoCs

Malware often drops required files in the /tmp directory.

Processes:

37af77f7a68281ee447229b93af9848df6a1f428438b8008db561411bfcc4aa5.elf

description	ioc	Process
File opened for modification	/tmp/byte	37af77f7a68281ee447229b93af9848df6a1f428438b8008db561411bfcc4aa5.elf

/tmp/37af77f7a68281ee447229b93af9848df6a1f428438b8008db561411bfcc4aa5.elf
/tmp/37af77f7a68281ee447229b93af9848df6a1f428438b8008db561411bfcc4aa5.elf
1⤵
- Writes file to tmp directory
PID:738

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/tmp/byte

Filesize
137KB

MD5
973357b4367bf43c6f6cf45dac7c231b

SHA1
3040ad2b7b0943b5abb614780c1a43c7a3f3831c

SHA256
e35a1943ed7c2e95bb119671722cb8ea3d51810fe73a7e6950a4c8f3b8bdad33

SHA512
46dd2a46ab7cd95f2949b02f95d3706585457ceebad94e3a28fb4cfbc42f16cc31ef7e1f8cc2cf7e1a808a86eec2aae347be52526a96f0f17a1d566469f2cd94

Download Submit