General

  • Target

    boatnet.arm.elf

  • Size

    29KB

  • Sample

    250112-mxtnna1rcr

  • MD5

    ca3ed843f4289de112cfc3a9de2ce220

  • SHA1

    fd52c7ca778a49fa52fd40eae34bbd6129609c44

  • SHA256

    23c0d23f740c158abb9219f03832792056aa592faa7b7ab363dec0b8d00bd690

  • SHA512

    1ac6db8d700bf61304541d8cb03e1a38475d70baa87c8b7287740359e67d17b0c1178050c6a907d52efa23edc49355dcb94e5817343a0ab8af2b616d67601d2c

  • SSDEEP

    384:i42t1dfGUeoDWmxGPu5c8chS8j5oa9ZexR+bgIs4HESaukxdJBHS5cBDSz4K7zKX:e1dfMnZl8cfen4xK4cRSQdBDs3UozdS

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Writes file to system bin folder
