Overview

overview

10

Static

static

5

boatnet.arm.elf

debian-9-armhf

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    boatnet.arm.elf

  • Size

    21KB

  • Sample

    241209-h68fyszrfw

  • MD5

    f5d25040d5965db1483224d8aac4f514

  • SHA1

    1290df556a8d24a90d4837facdeb1ce9a8ab028f

  • SHA256

    9410ad619287246728563cb6d96a60108a4335742cfa6cd0c81686e5fc42679c

  • SHA512

    5c4fe563c854e31360eeb446fb0912a3863e20e657db607485eba4c5e7ea3b9bc4347c0d59c44f10cbc3529b18956a88191091bba6aa4fa0626afa187ace31db

  • SSDEEP

    384:vvtIoZxrSniaXs+qx+bwqPX+VOcFd5fHq52lxjY2hymdGUop5hu:vvQn4j+ZO5fKAlx02s3Uozk

Score
10/10
mirailzrdbotnetdefense_evasiondiscoveryupx

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Target

      boatnet.arm.elf

    • Size

      21KB

    • MD5

      f5d25040d5965db1483224d8aac4f514

    • SHA1

      1290df556a8d24a90d4837facdeb1ce9a8ab028f

    • SHA256

      9410ad619287246728563cb6d96a60108a4335742cfa6cd0c81686e5fc42679c

    • SHA512

      5c4fe563c854e31360eeb446fb0912a3863e20e657db607485eba4c5e7ea3b9bc4347c0d59c44f10cbc3529b18956a88191091bba6aa4fa0626afa187ace31db

    • SSDEEP

      384:vvtIoZxrSniaXs+qx+bwqPX+VOcFd5fHq52lxjY2hymdGUop5hu:vvQn4j+ZO5fKAlx02s3Uozk

    Score
    10/10
    mirailzrdbotnetdefense_evasiondiscovery

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

      botnetmirai

    • Mirai family

      mirai

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

      defense_evasion

    • Enumerates running processes

      Discovers information about currently running processes on the system

    • Writes file to system bin folder

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks