General

  • Target

    boatnet.arm.elf

  • Size

    20KB

  • Sample

    250113-hxnees1qgt

  • MD5

    a8f22c58697776b8b4a378ba9f418525

  • SHA1

    59e3413e6cebc7d1c3efc57d1d62c65e18b67785

  • SHA256

    f88ac6cb8d6dcbfa8f9d3e8b8524fcf07882bb83e67dcb946eaae1ccf40a1a31

  • SHA512

    0f4b0213885ebeaace2b372f71be1d3da93145bd5c5046fed152602d03cd3153d840fdda0ba0a1f632864ace2a8dca5ec1f0bca48e197a92f99f0bced7a21d96

  • SSDEEP

    384:lNPgiQdvdnscdahJ18iJq2pwVKpyO7v9nvm6gU60hymdGUop5hG:/PgieVnpaT8U3wVqvJu6gD0s3Uozk

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Writes file to system bin folder
