In 2021, it is anticipated that there will be approximately 30 billion Internet of Things (IoT) devices. The tremendous aggregate value of the IoT makes it a tempting and lucrative target for cyber criminals. The breakout of Mirai malware, which compromises poorly secured IoT devices with factory-default username and passphrase to launch Distributed Denial of Service (DDoS) attacks, has raised broad awareness towards the need for increased IoT security. To better defend against Mirai infection and spread, it is critical to know how the malware operates as the first step. In this paper, we give a combined static and dynamic analysis of Mirai, basing on the results of which, we introduce the application of Threat Tracer. Threat tracer is an information system simulator initially developed to help design a system robust against Advanced Persistent Attacks(APT). It offers an intuitive track on how a cyber threat behaves in a complicated networked system. The feedback simultaneously contributes to revealing vulnerabilities of a system. Our work focuses on the replication of Mirai Malware's operating processes in Threat Tracer simulation. By achieving doing so, we believe it could offer a comprehensible description of how Mirai acts. Also, considering the continuous emergence of Mirai variants, the simulation serves as a predictor on upcoming threats' behavior patterns.