Analysis

  • max time kernel
    152s
  • max time network
    144s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20230621-en
  • resource tags
    arch:amd64, arch:i386, image:ubuntu1804-amd64-20230621-en, kernel:4.15.0-161-generic, locale:en-us, os:ubuntu-18.04-amd64, system
  • submitted
    10/07/2023, 14:51

General

  • Target

    boatnet.x86.elf

  • Size

    20KB

  • MD5

    6184837e04535564569f2b607c0566cc

  • SHA1

    1b26228dcdf2d9fc690dbab09b17c20189e2a0b9

  • SHA256

    5c363b01db15de5c79c38661ddf962fd57db4b31a33e9a4fcd3d0173fb399c5f

  • SHA512

    376a6e7c519398b16eab2ac45c6226750f8ba7b151f06ac25486d520579883771bce2f176f3d2fb146eb134d7f364ee33e58c4e0f4463aa5225a58f2be1cf9ff

  • SSDEEP

    384:Mg9Lpj8s/qPui8uZxoIA57RWQjJiEVi+ZkXaHhib+502F2vwA9dWuMW21bAK1oTE:798o08kxofBE+ZkXaEbp2F2TWul0c5QR

Score
10/10

Malware Config

Extracted

  • Family
    mirai
  • Botnet
    LZRD

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Modifies Watchdog functionality (1 TTP, 2 IoCs)

    Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

  • Writes file to system bin folder (1 TTP, 2 IoCs)
  • Reads runtime system information (14 IoCs)

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/boatnet.x86.elf
    Command line: /tmp/boatnet.x86.elf
    PID: 603

    Network

    MITRE ATT&CK Enterprise v6
