General

  • Target

    boatnet.mips.elf

  • Size

    27KB

  • Sample

    241218-w6lh3sxpay

  • MD5

    44aa227810db033c3e3f5bb509827490

  • SHA1

    51f6c92605850f2eab60e906a67c1d0babb8ff66

  • SHA256

    3daf3b22b433d1a39344d69c7929b425cc49f17808ce2097e674368fd17b62ef

  • SHA512

    6dbcf29d10003610ba4061f1111a7f9831d4a7984dbe4d6740399433413cca56a3c56728a790ef5130ff3fbae609e4d45578e54cfc009e54b244687d33fb8d51

  • SSDEEP

    768:x3KNQmJdODGwUNCttUTLeUzQYIBgSAgPJgGlzDpbuR1J4:x3uZJd2G1CrcCUzkAgNVJuy

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Target

      boatnet.mips.elf

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Writes file to system bin folder
