Overview

overview

10

Static

static

5

boatnet.arm7.elf

debian-12-armhf

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    boatnet.arm7.elf

  • Size

    45KB

  • Sample

    250203-kh2plsxrhm

  • MD5

    ea27d43ec482afe88ef5e372ef0a37a8

  • SHA1

    a6ca468fdb37f3261acca06e3bf2de7a493eeb9f

  • SHA256

    fae6874d70bab432d1a05cbe54574ca04eb0b244e3b815eeaf881871da477dde

  • SHA512

    c394e1551852571ec91ccfe19e1aa2d26db38eb0bd47b129526a5c82a66d13303dd58d5796f68f794ba9507178352689a8ba93be3d5bb4449ce559008187f354

  • SSDEEP

    768:O/TYCoIxdEk+AxoTZAZHFeq8b3e49q3UELai76ZMJ+vdRCjeg5jwnxHmXPQ:OECFd+A6YHAxehLaq0MJ+zg5EnxH4Y

Score
10/10
mirailzrdbotnetdefense_evasiondiscoveryupx

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    • Target

      boatnet.arm7.elf

    • Size

      45KB

    • MD5

      ea27d43ec482afe88ef5e372ef0a37a8

    • SHA1

      a6ca468fdb37f3261acca06e3bf2de7a493eeb9f

    • SHA256

      fae6874d70bab432d1a05cbe54574ca04eb0b244e3b815eeaf881871da477dde

    • SHA512

      c394e1551852571ec91ccfe19e1aa2d26db38eb0bd47b129526a5c82a66d13303dd58d5796f68f794ba9507178352689a8ba93be3d5bb4449ce559008187f354

    • SSDEEP

      768:O/TYCoIxdEk+AxoTZAZHFeq8b3e49q3UELai76ZMJ+vdRCjeg5jwnxHmXPQ:OECFd+A6YHAxehLaq0MJ+zg5EnxH4Y

    Score
    10/10
    mirailzrdbotnetdefense_evasiondiscovery

    • Mirai

      Mirai is a prevalent Linux malware infecting exposed network devices.

      botnetmirai

    • Mirai family

      mirai

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

      defense_evasion

    • Writes file to system bin folder

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks