General

  • Target

    boatnet.x86_64

  • Size

    22KB

  • Sample

    220809-g8cavsecak

  • MD5

    5a36c320f920fbafb1f55a9f4b1f93db

  • SHA1

    7f72323425fe2e4b5d409b77b4dd3aa4f349b978

  • SHA256

    8b4561c89c880a6d2283f230741ebff156347bffcc4635da41fce0c66fe89926

  • SHA512

    08547d860813ba378a557583ce3f46634c991b19c2524ba6c08de4ffdd00d63644c63294454cdb1f77b955cc0811af34219e66d9156048ac895707ed71d5cfc9

Score
9/10

Malware Config

Targets

    • Modifies the Watchdog daemon

      Malware like Mirai modifies the watchdog to prevent it from restarting an infected system.

    • Writes file to system bin folder

    • Reads runtime system information

      Reads data from /proc virtual filesystem.

MITRE ATT&CK Matrix ATT&CK v6

  • Persistence

    Hijack Execution Flow (T1574): 1

  • Privilege Escalation

    Hijack Execution Flow (T1574): 1

  • Defense Evasion

    Impair Defenses (T1562): 1

    Hijack Execution Flow (T1574): 1

Tasks