mirai | 63129ea58d379377baee1e84a99dcdaa90da1c3327d363aba2eeb7feb20023a0 | Triage

Analysis

max time kernel
6s
max time network
23s
platform
debian-12_mipsel
resource
debian12-mipsel-20240221-en
resource tags

arch:mipselimage:debian12-mipsel-20240221-enkernel:6.1.0-17-4kc-maltalocale:en-usos:debian-12-mipselsystem
submitted
21-11-2024 10:22

Sharing

Report Analysis Logs

General

Target

dlr.mpsl.elf
Size

1KB
MD5

78c245a673a23f00df06d7ddb390130e
SHA1

9eb6945f84d8b564fbc30b18ae0acf5cbb5caa8f
SHA256

63129ea58d379377baee1e84a99dcdaa90da1c3327d363aba2eeb7feb20023a0
SHA512

050ad09974ce82d0c02eadbcf740e7bad7daf169b4f2ee6b73d15b86b80126000208d89280db7feb9681f5a749fd7983c3d8eed3f820456d03582f8b5cceccf9

Score

10^/10

mirai lzrd botnet

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
botnet mirai
Mirai family
mirai
Writes file to tmp directory 1 IoCs
Malware often drops required files in the /tmp directory.

Processes:

dlr.mpsl.elf

description ioc process

File opened for modification /tmp/byte dlr.mpsl.elf

/tmp/dlr.mpsl.elf
/tmp/dlr.mpsl.elf
1⤵
- Writes file to tmp directory
PID:740

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/tmp/byte

Filesize
137KB

MD5
973357b4367bf43c6f6cf45dac7c231b

SHA1
3040ad2b7b0943b5abb614780c1a43c7a3f3831c

SHA256
e35a1943ed7c2e95bb119671722cb8ea3d51810fe73a7e6950a4c8f3b8bdad33

SHA512
46dd2a46ab7cd95f2949b02f95d3706585457ceebad94e3a28fb4cfbc42f16cc31ef7e1f8cc2cf7e1a808a86eec2aae347be52526a96f0f17a1d566469f2cd94

Download Submit