General

  • Target

    14c0a7127246003f54ce1b71a34e2a4c

  • Size

    1.2MB

  • Sample

    231219-2hdffschf7

  • MD5

    14c0a7127246003f54ce1b71a34e2a4c

  • SHA1

    4131f70b8e2c46ad9d431b44c6408c34eb9600f7

  • SHA256

    8768e43652f05e624db99a43b0aa7b614b7d5410e5269166a66510ddb9d4207e

  • SHA512

    68148ada184ec05dc7fabbf9a173fbf0a1ef8d5575c62072dd4017997de36534e213d8739c15290f2e3e5471a21488c67e836782ac5ac6c2f77cfcf303bc7ea7

  • SSDEEP

    24576:e845rGHu6gVJKG75oFpA0VWeX4F2y1q2rJp0:745vRVJKGtSA0VWeosu9p0

Targets

    • MrBlack Trojan

      IoT botnet which infects routers to be used for DDoS attacks.

    • Executes dropped EXE

    • Checks CPU configuration

      Checks CPU information which indicates whether the system is a virtual machine.

    • Modifies init.d

      Adds/modifies system service, likely for persistence.

    • Writes file to user bin folder

    • Writes file to system bin folder
