General

  • Target

    boatnet.mpsl.elf

  • Size

    24KB

  • Sample

    241218-r1xa6stldk

  • MD5

    ce4b3ce3996d62b77ab59059e05e7f7b

  • SHA1

    c2884e004155fcccdb3e6dceca5fc73e9ebca1c7

  • SHA256

    c7f2f9f6b4925428f02765882377ddcb3e81877d12ee972f71334a32f5c19ad9

  • SHA512

    f8502b6866c80f83d41b2e866682cca999b0311d59c765f3dfd549d5406f5646d5a9815964087192129a633d62911624cb396b6799f263110cfbf1812635892b

  • SSDEEP

    768:obrQlS07dEv0UXqUhvQE+CXQKMQKCXBpDiZqSWvQ:4QlS07FUXqIYSXQKquCqY

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Target

      boatnet.mpsl.elf

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Writes file to system bin folder
