General
-
Target
boatnet.arm.elf
-
Size
54KB
-
Sample
240221-tagh5sad7z
-
MD5
58485938d8a5b3b1e76e4b8a0005b079
-
SHA1
de4788c3fbd547f29ef74c97e6a1705f8cd1cd97
-
SHA256
ef1a8feda056bc9856f40650de74ad34db26af38c048bab44e71a4a2c898dc13
-
SHA512
f2568ca9f8ff3930d2385550bec4f422e8e9e098a1e6268d866fa958d5af5765f6321266f20ec50a64a7856c1678c3397f1422bcafcaf7ea5f43864e2383b33f
-
SSDEEP
768:raehM993TLSmRTIrL8Fvvhp9H0HrZQ8yoWXagcLVPWtuQ/C71mA2EDEy0eYjW9TF:/M99jmL8BZp9IFUoWKdYuvQ5KIqkypZ
Behavioral task
behavioral1
Sample
boatnet.arm.elf
Resource
debian9-armhf-20240221-en
Malware Config
Extracted
mirai
LZRD
Targets
-
-
Target
boatnet.arm.elf
-
Score
7/10
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Writes file to system bin folder
-