Analysis

  • max time kernel
    149s
  • max time network
    128s
  • platform
    ubuntu-22.04_amd64
  • resource
    ubuntu2204-amd64-20240611-en
  • resource tags

    arch:amd64, arch:i386, image:ubuntu2204-amd64-20240611-en, kernel:5.15.0-105-generic, locale:en-us, os:ubuntu-22.04-amd64, system
  • submitted
    31-01-2025 20:24

General

  • Target

    176.65.134.111-boatnet.x86-2025-01-31T195809.elf

  • Size

    20KB

  • MD5

    8aa70f8604a3953246208c29980c4817

  • SHA1

    10bb00a499547c86cf4b8b9682fd8f34ebebb0bf

  • SHA256

    34e80c9f2284311172aaa3f8204de2ac54b2440a6a27fa2b35ddd87f1f2f8587

  • SHA512

    dee108d1f6c105494930ca0f5654e7704dccaca4caf3e663d55bdb16d6a3fc884aaa634ddb980b8ca67a80f3e74fac6765f8ded3a72708ac559a86bc598d1ccf

  • SSDEEP

    384:M0sLpj8s/qPui8uZxoIA57RWQjJiEVi+Zk99BzCFTOd68NSG9tcSPcYsPikHL2Au:k98o08kxofBE+Zk9ToaNl8k+a6RQ

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Signatures

  • Mirai

    Mirai is a prevalent Linux malware infecting exposed network devices.

  • Mirai family
  • Modifies Watchdog functionality (1 TTPs, 2 IoCs)

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Enumerates running processes

    Discovers information about currently running processes on the system.

  • Writes file to system bin folder (2 IoCs)
  • Reads runtime system information (64 IoCs)

    Reads data from /proc virtual filesystem.

Processes

Network

MITRE ATT&CK Enterprise v15
