General
-
Target
boatnet.mips.elf
-
Size
23KB
-
Sample
230501-nz5z5shb7y
-
MD5
670e074cb679fb1e597d1899ed452bf6
-
SHA1
70aabf5ddacd2c0d140caf0fb11126d47d6c1f08
-
SHA256
ef6d5693b7fe6549fdfaf2e4dd4b29668ffad69cb7cb6e195521bfb48d6deb9a
-
SHA512
369356dd939675a5015b134f9603710fff0e16d951859575ec78107053cc723a1c25e1734edc5d206904c2fe10b3039ab1dbd1138ec6b7b7c05e21e7e7b04355
-
SSDEEP
384:YeD8ZSH2LLZUYyGZbsOiTrowSN9rnZMINlphQ/HYtuiOmdtJgGlzDpH7uNj1JA4P:YeD8ZSWvZHZbs1row697qohQvg9OitJc
Malware Config
Extracted
mirai
LZRD
Targets
-
-
Target
boatnet.mips.elf
-
Size
23KB
-
MD5
670e074cb679fb1e597d1899ed452bf6
-
SHA1
70aabf5ddacd2c0d140caf0fb11126d47d6c1f08
-
SHA256
ef6d5693b7fe6549fdfaf2e4dd4b29668ffad69cb7cb6e195521bfb48d6deb9a
-
SHA512
369356dd939675a5015b134f9603710fff0e16d951859575ec78107053cc723a1c25e1734edc5d206904c2fe10b3039ab1dbd1138ec6b7b7c05e21e7e7b04355
-
SSDEEP
384:YeD8ZSH2LLZUYyGZbsOiTrowSN9rnZMINlphQ/HYtuiOmdtJgGlzDpH7uNj1JA4P:YeD8ZSWvZHZbs1row697qohQvg9OitJc
-
Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-