General
Target: boatnet.arm7.elf
Size: 45KB
Sample: 230428-1qgmeage87
MD5: 20286dd74e25e3ec08cd217edfbe4989
SHA1: cfb42393fb73ca0c22dbc7723eeaafbee54c2c46
SHA256: 37a71bbedf74dfc58178546cb3b07b989ebb71edf686c34331c9d4280532fbd0
SHA512: 711e724b17941637a2f15dd48cbd1fe6e68e9bec93a84eb85cfa3844d59677c836ec5a70ca6c6114a04d9cf6a778c47dd88ee4371a935f9b945659b581383cec
SSDEEP: 768:g/TYCoIxdEk+AxoTZAZHFeq8b3UN9q3UELbUXfi6nVMQHI4vcGpvy:gECFd+A6YHAxUgLRQZy
Malware Config
Extracted
mirai
LZRD
Targets
Target: boatnet.arm7.elf

Modifies the Watchdog daemon
Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

Writes file to system bin folder

Reads runtime system information
Reads data from the /proc virtual filesystem.