f6c25d2b8841c74629e7b17de54caa7658a1b991e9b8c8bb3d89f3c19816ad6f | Triage

Sharing

General

Target

boatnet.arm7
Size

45KB
Sample

230318-grhrbade3y
MD5

fb56a6197b3b9393d9b74b8cf6b2ba70
SHA1

3a5ec19828e9597a0408db6235b0e952ef94d964
SHA256

f6c25d2b8841c74629e7b17de54caa7658a1b991e9b8c8bb3d89f3c19816ad6f
SHA512

2001b0e26e1c0044784b838af48c7553863bdb799849e3138db001062ef3f48c37a9427dcc106d05b1e35c3b4d418893be0f3af49a4f097f2ac1cec98e232dd4
SSDEEP

768:g/TYCoIxdEk+AxoTZAZHFeq8b359q3UELbUXfi6nVMQHI4vcGpv9:gECFd+A6YHAxsLRQZ9

Score

9^/10

upx

Malware Config

Targets

- Target
  
  boatnet.arm7
- Size
  
  45KB
- MD5
  
  fb56a6197b3b9393d9b74b8cf6b2ba70
- SHA1
  
  3a5ec19828e9597a0408db6235b0e952ef94d964
- SHA256
  
  f6c25d2b8841c74629e7b17de54caa7658a1b991e9b8c8bb3d89f3c19816ad6f
- SHA512
  
  2001b0e26e1c0044784b838af48c7553863bdb799849e3138db001062ef3f48c37a9427dcc106d05b1e35c3b4d418893be0f3af49a4f097f2ac1cec98e232dd4
- SSDEEP
  
  768:g/TYCoIxdEk+AxoTZAZHFeq8b359q3UELbUXfi6nVMQHI4vcGpv9:gECFd+A6YHAxsLRQZ9
Score

9^/10
- Modifies the Watchdog daemon
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
- Writes file to system bin folder
- Reads runtime system information
  Reads data from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1