General

  • Target

    boatnet.arm.elf

  • Size

    21KB

  • Sample

    241201-cc88haspht

  • MD5

    e3339adf9bf4d6e27a19f750a2dbd3a6

  • SHA1

    8e2f08d4b5751ee15cff90df19d57d327eb67465

  • SHA256

    d0d40ce443e135b8524e7f2beb506ffc58b1875f2dffde47206074ee0dd6e368

  • SHA512

    9f9be1aeab1fe16219661edf2c5c934f8e740c7b4e2db1e326fa6e1310e55217328f4ed588e94e39155fb9a15d41b2ee7e074a38d32eedf362c524253b8a6c81

  • SSDEEP

    384:TvtIoZxrSniaXs+qx+bwqPX+VOcFd5fHq52lxj5whymdGUop5h8:TvQn4j+ZO5fKAlxtws3Uoz6

Malware Config

Extracted

  • Family

    mirai

  • Botnet

    LZRD

Targets

    • Target

      boatnet.arm.elf

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Writes file to system bin folder

MITRE ATT&CK Enterprise v15