Analysis

  • max time kernel
    20785s
  • max time network
    103s
  • platform
    linux_amd64
  • resource
    ubuntu1804-amd64-en-20211208
  • resource tags

    arch:amd64, arch:i386, image:ubuntu1804-amd64-en-20211208, kernel:4.15.0-161-generic, locale:en-us, os:ubuntu-18.04-amd64, system
  • submitted
    06-08-2022 06:26

General

  • Target

    boatnet.x86_64

  • Size

    22KB

  • MD5

    571b51f69986c6be58c2ba651b02222a

  • SHA1

    4ec598fcb3e50c6b35518dcd41128349929f5923

  • SHA256

    e67719fec199a4bd74c3e5946016c2561e6d299ce62eb648a60c0f433a61df7b

  • SHA512

    feeab7d3971d9e129870d940446c6bafed63aa791aa9fc068641781be5e001414aa3bf7c939466c122634d857b75c8b2423c28bc0e471db0efc8c87a9dd4f169

Score
9/10

Malware Config

Signatures

  • Modifies the Watchdog daemon (1 TTPs)

    Malware like Mirai modify the Watchdog to prevent it restarting an infected system.

  • Writes file to system bin folder (1 TTPs, 2 IoCs)
  • Reads runtime system information (16 IoCs)

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/boatnet.x86_64
    /tmp/boatnet.x86_64
      PID:576

Network

MITRE ATT&CK Matrix (ATT&CK v6)

  • Persistence
    Hijack Execution Flow (T1574): 1
  • Privilege Escalation
    Hijack Execution Flow (T1574): 1
  • Defense Evasion
    Impair Defenses (T1562): 1
    Hijack Execution Flow (T1574): 1
