Analysis
-
max time kernel
150s -
max time network
141s -
platform
debian-9_mips -
resource
debian9-mipsbe-20221111-en -
resource tags
-
submitted
01-05-2023 11:51
General
-
Target
boatnet.mips.elf
-
Size
23KB
-
MD5
670e074cb679fb1e597d1899ed452bf6
-
SHA1
70aabf5ddacd2c0d140caf0fb11126d47d6c1f08
-
SHA256
ef6d5693b7fe6549fdfaf2e4dd4b29668ffad69cb7cb6e195521bfb48d6deb9a
-
SHA512
369356dd939675a5015b134f9603710fff0e16d951859575ec78107053cc723a1c25e1734edc5d206904c2fe10b3039ab1dbd1138ec6b7b7c05e21e7e7b04355
-
SSDEEP
384:YeD8ZSH2LLZUYyGZbsOiTrowSN9rnZMINlphQ/HYtuiOmdtJgGlzDpH7uNj1JA4P:YeD8ZSWvZHZbs1row697qohQvg9OitJc
Score
10/10
Malware Config
Extracted
Family
mirai
Botnet
LZRD
Signatures
-
Mirai
Mirai is a prevalent Linux malware infecting exposed network devices.
-
Modifies the Watchdog daemon 1 TTPs
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder 1 TTPs 2 IoCs
-
Reads runtime system information 5 IoCs
Reads data from /proc virtual filesystem.
Processes
-
/tmp/boatnet.mips.elf/tmp/boatnet.mips.elf1⤵
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/327-1-0x00400000-0x00451a58-memory.dmp