Overview

overview

10

Static

static

10

0c2fced6cd...36a19e

ubuntu-18.04-amd64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0c2fced6cd1b58dc85669dae1736a19e

  • Size

    1.1MB

  • Sample

    231221-1xgkzsdch8

  • MD5

    0c2fced6cd1b58dc85669dae1736a19e

  • SHA1

    775a3e0e4c5e0b53c7adf2e81ab13b0994338e0a

  • SHA256

    4fb50087fd3ecf8590b34a6ef40bdc227caee4314f480a4b01abab01c3e805ea

  • SHA512

    cfcf9d27b21c157a250f3fbc6b359f100293218422225ae6203f96b535a897cef84046abbf44c429aeade4e4123bee1c805a7903fcd4a08cff5cba34c6d569a4

  • SSDEEP

    24576:4vRE7caCfKGPqVEDNLFxKsfaoI+gIGYuuCol7r:4vREKfPqVE5jKsfaoRHGVo7r

Score
10/10
mrblackantivmbotnetlinuxpersistencetrojan

Malware Config

Targets

    • Target

      0c2fced6cd1b58dc85669dae1736a19e

    • Size

      1.1MB

    • MD5

      0c2fced6cd1b58dc85669dae1736a19e

    • SHA1

      775a3e0e4c5e0b53c7adf2e81ab13b0994338e0a

    • SHA256

      4fb50087fd3ecf8590b34a6ef40bdc227caee4314f480a4b01abab01c3e805ea

    • SHA512

      cfcf9d27b21c157a250f3fbc6b359f100293218422225ae6203f96b535a897cef84046abbf44c429aeade4e4123bee1c805a7903fcd4a08cff5cba34c6d569a4

    • SSDEEP

      24576:4vRE7caCfKGPqVEDNLFxKsfaoI+gIGYuuCol7r:4vREKfPqVE5jKsfaoRHGVo7r

    Score
    10/10
    mrblackantivmbotnetpersistencetrojan

    • MrBlack Trojan

      IoT botnet which infects routers to be used for DDoS attacks.

      trojanbotnetmrblack

    • MrBlack trojan

    • Executes dropped EXE

    • Checks CPU configuration

      Checks CPU information which indicate if the system is a virtual machine.

      antivm

    • Modifies init.d

      Adds/modifies system service, likely for persistence.

      persistence

    • Write file to user bin folder

    • Writes file to system bin folder

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks