Overview

overview

10

Static

static

5

boatnet.mips.elf

debian-9-mips

10

Analysis

  • max time kernel
    149s
  • max time network
    6s
  • platform
    debian-9_mips
  • resource
    debian9-mipsbe-20240418-en
  • resource tags

    arch:mipsimage:debian9-mipsbe-20240418-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
  • submitted
    29-01-2025 23:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    boatnet.mips.elf

  • Size

    23KB

  • MD5

    c6a98c2349ea6c265984816454048463

  • SHA1

    0ea150b95c47489b1b345b24f67145d0031ca07f

  • SHA256

    f953642ee3f66def19210969ac7b21cc89a1397bb15a7ded5618a41a5b672559

  • SHA512

    6bccfd2c7f95e3e56e1490559cacfd437b3d5f197d1474ad80a0393eb555177803c8ad44a2f83c88814da8bf07eb3c74ef7ae32c6c03424a7c2b37c783cc4a25

  • SSDEEP

    384:r2eaWjsHPe7rG3HpEsr78p+1J1cIvkW8eg6eq6LFdfv4oMKCZ8JgGlzDpH7uNj1B:qeaKugrGXOw7yAJ1cdWZnwdIbKCeJgGi

Score
10/10
mirailzrdbotnetdefense_evasiondiscovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

    botnetmirai
  • Mirai family
    mirai
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    defense_evasion
  • Writes file to system bin folder 2 IoCs
  • Reads runtime system information 19 IoCs

    Reads data from /proc virtual filesystem.

    discovery
  • System Network Configuration Discovery 1 TTPs 1 IoCs

    Adversaries may gather information about the network configuration of a system.

    discovery

Processes

  • /tmp/boatnet.mips.elf
    /tmp/boatnet.mips.elf
    1⤵
    • Modifies Watchdog functionality
    • Writes file to system bin folder
    • Reads runtime system information
    • System Network Configuration Discovery
    PID:704

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads