General

  • Target

    8285f35183f0341b8dfe425b7348411d

  • Size

    1.2MB

  • Sample

    231222-lsxn3sfaem

  • MD5

    8285f35183f0341b8dfe425b7348411d

  • SHA1

    44e569a191a5d7bd720c7af06c2fd81a501a245b

  • SHA256

    551b48e425dcf4337ee023ad65a871123d172e43fabbc965252f5a2e69d0bd4a

  • SHA512

    d9708bdf6e552f1fca816432f1f9a7d4b3ff8517fe2e18b3586c732a411262920743435f19a250f112ac829633f8370bb16de24bf2ec4692777293d97bbb6b4f

  • SSDEEP

    24576:e845rlHu6gVJKG75oFpA0VWqX4G2y1q2rJp0:745wRVJKGtSA0VWqoVu9p0

Targets

    • MrBlack Trojan

      IoT botnet which infects routers to be used for DDoS attacks.

    • Executes dropped EXE

    • Checks CPU configuration

      Checks CPU information, which can indicate whether the system is a virtual machine.

    • Modifies init.d

      Adds/modifies system service, likely for persistence.

    • Writes file to user bin folder

    • Writes file to system bin folder
