General
-
Target
boatnet.arm7.elf
-
Size
45KB
-
Sample
230428-2ss9naaf81
-
MD5
b9285cc12b55ae9154a0bd70f1a7f12b
-
SHA1
ceb3b3bd0701b3b7ba96216697b5fc72734ee968
-
SHA256
82629b317cdbcdfff03f14e8135eceeb997912cc5a09078fc61ed91ff78028d0
-
SHA512
19f47ccaa0d5ee4f45cd04dc283883284b7a696f0759a072bf5f9d16d5a208c18a52f0b3c1c1f5280872503a186647279fde355617da42fcc995c1e6721634ff
-
SSDEEP
768:g/TYCoIxdEk+AxoTZAZHFeq8b30v59q3UELbUXfi6nVMQHI4vcGpvD:gECFd+A6YHAx0vsLRQZD
Malware Config
Extracted
mirai
LZRD
Targets
-
-
Target
boatnet.arm7.elf
-
Size
45KB
-
MD5
b9285cc12b55ae9154a0bd70f1a7f12b
-
SHA1
ceb3b3bd0701b3b7ba96216697b5fc72734ee968
-
SHA256
82629b317cdbcdfff03f14e8135eceeb997912cc5a09078fc61ed91ff78028d0
-
SHA512
19f47ccaa0d5ee4f45cd04dc283883284b7a696f0759a072bf5f9d16d5a208c18a52f0b3c1c1f5280872503a186647279fde355617da42fcc995c1e6721634ff
-
SSDEEP
768:g/TYCoIxdEk+AxoTZAZHFeq8b30v59q3UELbUXfi6nVMQHI4vcGpvD:gECFd+A6YHAx0vsLRQZD
-
Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-