General

  • Target

    boatnet.arm7.elf

  • Size

    45KB

  • Sample

    241108-kh6csszakf

  • MD5

    f3a56db1706e690b850f58d055fb90ac

  • SHA1

    54616d25ab81722602ff0bdee425d6578ad67957

  • SHA256

    fc4933008b0b05d319c768deb7d3e21cc2a563285c57b4677a5b5fc740f29f1c

  • SHA512

    26a9522cd413fa9316fa1d910ea775dc61ff0de3262a89cca9928e424fdc49e09217ffde644e46a57dec252032da72ffd97e9f02781361a074d6bd02a4423f1a

  • SSDEEP

    768:D/TYCoIxdEk+AxoTZAZHFeq8b3Lo9q3UELbUXfi6nVMQHI4vcGpvw:DECFd+A6YHAxVLRQZw

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Writes file to system bin folder
