mirai | 9d7d4a5c7a45e1a4cc0374019be3884c6b2e16087920bfd10a801c81d5b215c2 | Triage

Analysis

max time kernel
1s
max time network
3s
platform
debian-9_armhf
resource
debian9-armhf-20240418-en
resource tags

arch:armhfimage:debian9-armhf-20240418-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
21-11-2024 10:37

Sharing

Report Analysis Logs

General

Target

dlr.arm6.elf
Size

1KB
MD5

fe1123d6eee75bdebf8dba13bdc0ae3a
SHA1

bf7dc0196f04b8a4c8fc48af25ef487754ebd1a9
SHA256

9d7d4a5c7a45e1a4cc0374019be3884c6b2e16087920bfd10a801c81d5b215c2
SHA512

c8e6f3b951b7e94f51c68dbeb7b9486cd09905302ff6844910fa1fee31acba948cad17d6e9c71cce11a4588f170248dc8da70b617a797a48b05ed928b82e2909

Score

10^/10

mirai lzrd botnet

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
botnet mirai
Mirai family
mirai
Writes file to tmp directory 1 IoCs
Malware often drops required files in the /tmp directory.

Processes:

dlr.arm6.elf

description ioc process

File opened for modification /tmp/byte dlr.arm6.elf

/tmp/dlr.arm6.elf
/tmp/dlr.arm6.elf
1⤵
- Writes file to tmp directory
PID:639

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/tmp/byte

Filesize
117KB

MD5
90dace050831597345679d7dfbd7d5b0

SHA1
6645cde5ce93d96a5e1e541770f14dc59100f364

SHA256
509a1343fab6dc704c0cb805284df2c7bd17194c487d250dfb9d6291561f981a

SHA512
71cae1e7c7ef3722d7fe325544898316c357fd81f063f867047586315b4170fe886302a672574e65fff937132f0afe233da0481b2da6fe36a14507e8c6212046

Download Submit