Resubmissions

26-12-2024 13:49

241226-q4th1sxlem 10

26-12-2024 12:42

241226-pxewlswldl 10

General

  • Target

    boatnet.x86

  • Size

    27KB

  • Sample

    241226-q4th1sxlem

  • MD5

    9e6da56f2e4b29e5d019938932a7d02d

  • SHA1

    2039359cee130eb95673ba1d21a91965a87dc564

  • SHA256

    b528a15b83072c5d848eba0700eedf37dbfb35938a29e41c4529bee4e325203a

  • SHA512

    2084c8b7057d9fb9dc6587237c3e1a3172ae3cf51774097d587a2e2c6d0168b82d834b0c80d4f8672953df408e3b97dfc391f9aeb2ae263a2f12cbc12e34e382

  • SSDEEP

    768:Hac0rOyubkgG13ShHdYHBR2RmY9zlF0SsG:6c0KFq3w9YHXqhJFH

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Target

      boatnet.x86

    • Size

      27KB

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Writes file to system bin folder
