General
-
Target
e1f3f59b74b2c888f1deed1475d7fa73
-
Size
1.2MB
-
Sample
231222-s9tgbaead5
-
MD5
e1f3f59b74b2c888f1deed1475d7fa73
-
SHA1
4e4158ac9ee8e3cb997f75d5eddbb30243623906
-
SHA256
009714340e1b9cd089d6801bca92ebd507dfe37c80ba72d607e32f212de3e6a0
-
SHA512
527c91fe8cf5ef3cdbba3711266aead92ab3ddd9fca311b38c5f6cc13d8a6d1b01a23d5db13ead315aeb5485d22692ff869f4fc77b0e25323d300e36ba6b7179
-
SSDEEP
24576:e845rGHu6gVJKG75oFpA0VWIX4m2y1q2rJp0:745vRVJKGtSA0VWIo1u9p0
Malware Config
Targets
-
-
Target
e1f3f59b74b2c888f1deed1475d7fa73
-
Size
1.2MB
-
MD5
e1f3f59b74b2c888f1deed1475d7fa73
-
SHA1
4e4158ac9ee8e3cb997f75d5eddbb30243623906
-
SHA256
009714340e1b9cd089d6801bca92ebd507dfe37c80ba72d607e32f212de3e6a0
-
SHA512
527c91fe8cf5ef3cdbba3711266aead92ab3ddd9fca311b38c5f6cc13d8a6d1b01a23d5db13ead315aeb5485d22692ff869f4fc77b0e25323d300e36ba6b7179
-
SSDEEP
24576:e845rGHu6gVJKG75oFpA0VWIX4m2y1q2rJp0:745vRVJKGtSA0VWIo1u9p0
Score10/10-
MrBlack Trojan
IoT botnet which infects routers to be used for DDoS attacks.
-
MrBlack trojan
-
Executes dropped EXE
-
Checks CPU configuration
Checks CPU information which indicate if the system is a virtual machine.
-
Modifies init.d
Adds/modifies system service, likely for persistence.
-
Write file to user bin folder
-
Writes file to system bin folder
-