General

  • Target

    boatnet.arm7.elf

  • Size

    45KB

  • Sample

    241201-k17ctatlhn

  • MD5

    3655f0e82fc5ec1c1015fcb433a3023a

  • SHA1

    c99b334621fd53bb80f2bd481a4dd91b8d61e4dc

  • SHA256

    8d410c544d3832d70fe8ed49edc6445c57e4b2f72c9023c51c527fdaf8e40fc9

  • SHA512

    0e99278b610477204df555d6026f7bf7002e3901c806d111909f063cef89289a06e7ed69f61163847236a46011820951c8f69f508ffb09c7ef930a799718de0a

  • SSDEEP

    768:E2rlJxP3Pn+9TKGW9hjw+Zh+PfApNf9q3UELJqqlpf/zAaD4stZGByR4:tpJxfv+9T2Q+Zh+nApULJnlpHzDD4DS4

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Target

      boatnet.arm7.elf

    • Size

      45KB

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Writes file to system bin folder
