General

  • Target

    boatnet.mips.elf

  • Size

    23KB

  • Sample

    250131-ewcprazqgl

  • MD5

    9861d287930bcb3662ef079d0cf075f8

  • SHA1

    81b9c88096f77d1af1cc7c8e294c14bc23367142

  • SHA256

    e83d3bdc2117c26015d54246cb52c99522eaa4941da8d80bce55462fc1e53869

  • SHA512

    8763a9746ba10ffa4b8563a20bfa19b336aa35a972ab43d8eecee8f36bf7cedc2c319bc55c91f309c5e17dbcfd45c79b18e83f4519a82c042dd4776f9aba4b56

  • SSDEEP

    384:CQiZrliVVSSFa+0mnUid40xfJvNNHN4vwmA+eGdlSQvw8jGAGJgGlzDpH7uNj1JM:zESFa+0qu0/ftQK+nIl8jGAGJgGlzDph

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Target

      boatnet.mips.elf

    • Size

      23KB

    • MD5

      9861d287930bcb3662ef079d0cf075f8

    • SHA1

      81b9c88096f77d1af1cc7c8e294c14bc23367142

    • SHA256

      e83d3bdc2117c26015d54246cb52c99522eaa4941da8d80bce55462fc1e53869

    • SHA512

      8763a9746ba10ffa4b8563a20bfa19b336aa35a972ab43d8eecee8f36bf7cedc2c319bc55c91f309c5e17dbcfd45c79b18e83f4519a82c042dd4776f9aba4b56

    • SSDEEP

      384:CQiZrliVVSSFa+0mnUid40xfJvNNHN4vwmA+eGdlSQvw8jGAGJgGlzDpH7uNj1JM:zESFa+0qu0/ftQK+nIl8jGAGJgGlzDph

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

    • Mirai family

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Writes file to system bin folder

MITRE ATT&CK Enterprise v15

Tasks