Analysis

  • max time kernel
    0s
  • max time network
    138s
  • platform
    debian-12_armhf
  • resource
    debian12-armhf-20240221-en
  • resource tags

    arch:armhf, image:debian12-armhf-20240221-en, kernel:6.1.0-17-armmp-lpae, locale:en-us, os:debian-12-armhf, system
  • submitted
    05-12-2024 09:55

General

  • Target

    boatnet.arm6.elf

  • Size

    26KB

  • MD5

    26482087a97a61261c8f2fb056a7e645

  • SHA1

    f87a372cf0b140a2aee10a4280b6970910a83155

  • SHA256

    ca76790389f3c7cfe567ae9ba7abef8c55419ab8bc819f8f140b239ddbb0102c

  • SHA512

    e74f0906c12ad2c7ef279eaed0ad0faf4e32f8a8d494f604340eb2f8950e8a623cbe41d7fd5df450d2b31833b3d2e03125ac069bca6da6bfc23e34ab9b8df4f7

  • SSDEEP

    768:0MYwZ+dFwAMXlWBPCdlnf1LKK1+KyqW700Y1Hxhcd7z9q3UELuw:7bZ+Adlnf1LF1+KDWA0QxhcYLV

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Mirai family
  • Reads runtime system information (1 IoC)

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/boatnet.arm6.elf
    PID: 713
    • Reads runtime system information

Network

MITRE ATT&CK Matrix
