General

  • Target

    boatnet.x86.elf

  • Size

    20KB

  • Sample

    241215-y8dx5axnfq

  • MD5

    ca95eab493cfc9b9bed940c9a28a1b26

  • SHA1

    54ac919ada2b946bf6d8e4766cdadfb5206b518e

  • SHA256

    0439117b36cccec92a1ff3ec8bb5f36f65b42a8c2a323e38fea98c4b6c572923

  • SHA512

    56261bb12c76257c1b2162de8b8ffdf4e2a8efefccde8703ab1ac2ebb1a0363e120d2ead06c83b6c8faff011fdde7a06b2cdb95297f02f2f8e68a17163209ea7

  • SSDEEP

    384:MgWLpj8s/qPui8uZxoIA57RWQjJiEVi+Zkqafc1oj5CWRfINhCjTn6Epl9zpdI83:O98o08kxofBE+ZkqNxWRogTn6Ep3lTz

Malware Config

Extracted

  • Family

    mirai

  • Botnet

    LZRD

Targets

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Writes file to system bin folder
