General
-
Target
b94e63d38073df0009e727039a512ad3
-
Size
1.1MB
-
Sample
231222-rgy1naabf5
-
MD5
b94e63d38073df0009e727039a512ad3
-
SHA1
b1f7ab983c723f2f22aeb6e1923fe49f62e82976
-
SHA256
9b4d9bb64442c3ef9196ea67640c862515e92f6b258c90b12ddc80b8eb36e2dd
-
SHA512
aae94a6ea746e3f4c7b3e655b829e45c11f45131b306ff9542b00b47289d00c79e8ca8da2f7490d9dbc2d6f143ac9790ef1fcf5d26a4bec1087d729fc758cd0b
-
SSDEEP
24576:4vRE7caCfKGPqVEDNLFxKsfaMI+gIGYuuCol7r:4vREKfPqVE5jKsfaMRHGVo7r
Malware Config
Targets
-
-
Target
b94e63d38073df0009e727039a512ad3
-
Size
1.1MB
-
MD5
b94e63d38073df0009e727039a512ad3
-
SHA1
b1f7ab983c723f2f22aeb6e1923fe49f62e82976
-
SHA256
9b4d9bb64442c3ef9196ea67640c862515e92f6b258c90b12ddc80b8eb36e2dd
-
SHA512
aae94a6ea746e3f4c7b3e655b829e45c11f45131b306ff9542b00b47289d00c79e8ca8da2f7490d9dbc2d6f143ac9790ef1fcf5d26a4bec1087d729fc758cd0b
-
SSDEEP
24576:4vRE7caCfKGPqVEDNLFxKsfaMI+gIGYuuCol7r:4vREKfPqVE5jKsfaMRHGVo7r
Score10/10-
MrBlack Trojan
IoT botnet which infects routers to be used for DDoS attacks.
-
MrBlack trojan
-
Executes dropped EXE
-
Checks CPU configuration
Checks CPU information which indicate if the system is a virtual machine.
-
Modifies init.d
Adds/modifies system service, likely for persistence.
-
Write file to user bin folder
-
Writes file to system bin folder
-