Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
149s -
max time network
2s -
platform
debian-9_mips -
resource
debian9-mipsbe-20240418-en -
resource tags
arch:mipsimage:debian9-mipsbe-20240418-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem -
submitted
30/01/2025, 08:52
Behavioral task
behavioral1
Sample
boatnet.mips.elf
Resource
debian9-mipsbe-20240418-en
6 signatures
150 seconds
General
-
Target
boatnet.mips.elf
-
Size
23KB
-
MD5
5fb900af5c4737d28325c534f9851f9c
-
SHA1
165894a45795538ae093c952d6a48767f8ce09df
-
SHA256
fe6ba55fe185d350b784890adc8130d74fabd4b1180b2efea087f3dc4975ad09
-
SHA512
34a12b3b0d7d5a2fbee89f995fa5eced1c2d1a1f6dca5fea004d0abc07a898ed736e5d9bd76b5cb5a56d0899b9b60e6196684531e5a8192f739f735b5a40cfd5
-
SSDEEP
384:8MCnsnTaIwsGkZKN274B0GBd+h5cBHrdwQm8Vmr6JgGlzDpH7uNj1JAT:EnsnqsLy0GBd+h5cBBwQxVk6JgGlzDph
Score
10/10
Malware Config
Extracted
Family
mirai
Botnet
LZRD
Signatures
-
Mirai family
-
Modifies Watchdog functionality 1 TTPs 2 IoCs
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
description ioc Process File opened for modification /dev/misc/watchdog boatnet.mips.elf File opened for modification /dev/watchdog boatnet.mips.elf -
Writes file to system bin folder 2 IoCs
description ioc Process File opened for modification /sbin/watchdog boatnet.mips.elf File opened for modification /bin/watchdog boatnet.mips.elf -
description ioc Process File opened for reading /proc/674/cmdline boatnet.mips.elf File opened for reading /proc/677/cmdline boatnet.mips.elf File opened for reading /proc/679/cmdline boatnet.mips.elf File opened for reading /proc/707/cmdline boatnet.mips.elf File opened for reading /proc/774/cmdline boatnet.mips.elf File opened for reading /proc/777/cmdline boatnet.mips.elf File opened for reading /proc/661/cmdline boatnet.mips.elf File opened for reading /proc/701/cmdline boatnet.mips.elf File opened for reading /proc/703/cmdline boatnet.mips.elf File opened for reading /proc/756/cmdline boatnet.mips.elf File opened for reading /proc/775/cmdline boatnet.mips.elf File opened for reading /proc/789/cmdline boatnet.mips.elf File opened for reading /proc/697/cmdline boatnet.mips.elf File opened for reading /proc/702/cmdline boatnet.mips.elf File opened for reading /proc/710/cmdline boatnet.mips.elf File opened for reading /proc/402/cmdline boatnet.mips.elf File opened for reading /proc/696/cmdline boatnet.mips.elf File opened for reading /proc/718/cmdline boatnet.mips.elf File opened for reading /proc/765/cmdline boatnet.mips.elf File opened for reading /proc/769/cmdline boatnet.mips.elf File opened for reading /proc/680/cmdline boatnet.mips.elf -
System Network Configuration Discovery 1 TTPs 1 IoCs
Adversaries may gather information about the network configuration of a system.
pid Process 704 boatnet.mips.elf