Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

d6e5833b5f...d34d77

ubuntu-18.04-amd64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d6e5833b5fd732ac2ba017b1a6d34d77

  • Size

    1.2MB

  • Sample

    231222-spnqbsagd9

  • MD5

    d6e5833b5fd732ac2ba017b1a6d34d77

  • SHA1

    77a31f0c1fdc7548c20e034c1761515a47a56a79

  • SHA256

    856452857b500cca80879789377b60a6721cfe065f1f254a929d06f731eccca0

  • SHA512

    1109c33635df4c76b3f56cad57fabfd5994d63e88f69533afe1aaa61d80a568dcdcfddda9cf0e763280427cadddaf2bc62d42162d0bcc2c7ba2a5cf1f4cfcf8a

  • SSDEEP

    24576:e845rGHu6gVJKG75oFpA0VWIX4h2y1q2rJp0:745vRVJKGtSA0VWIo4u9p0

Score
10/10
mrblackantivmbotnetlinuxpersistencetrojan

Malware Config

Targets

    • Target

      d6e5833b5fd732ac2ba017b1a6d34d77

    • Size

      1.2MB

    • MD5

      d6e5833b5fd732ac2ba017b1a6d34d77

    • SHA1

      77a31f0c1fdc7548c20e034c1761515a47a56a79

    • SHA256

      856452857b500cca80879789377b60a6721cfe065f1f254a929d06f731eccca0

    • SHA512

      1109c33635df4c76b3f56cad57fabfd5994d63e88f69533afe1aaa61d80a568dcdcfddda9cf0e763280427cadddaf2bc62d42162d0bcc2c7ba2a5cf1f4cfcf8a

    • SSDEEP

      24576:e845rGHu6gVJKG75oFpA0VWIX4h2y1q2rJp0:745vRVJKGtSA0VWIo4u9p0

    Score
    10/10
    mrblackantivmbotnetpersistencetrojan

    • MrBlack Trojan

      IoT botnet which infects routers to be used for DDoS attacks.

      trojanbotnetmrblack

    • MrBlack trojan

    • Executes dropped EXE

    • Checks CPU configuration

      Checks CPU information which indicate if the system is a virtual machine.

      antivm

    • Modifies init.d

      Adds/modifies system service, likely for persistence.

      persistence

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

    • Write file to user bin folder

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks