General
-
Target
f134f8f0cdf87e2f3f4d9cbcc0f86b39
-
Size
1.1MB
-
Sample
231222-tzsygaafb7
-
MD5
f134f8f0cdf87e2f3f4d9cbcc0f86b39
-
SHA1
584f15ff5f2188a25b8b27d96290c3550e4dffde
-
SHA256
478e45caa33dd580e1b3805d84fffd190d9cee3635137ea1d3fc4220626519a7
-
SHA512
faea0bbb90f6b0c84daf124c7db0cf1ef7fc1667e2636bab76ca06172fe930c0b6c363116338d4aa14a40b97a94e61b52f125a7ed76a2d51983078c24668c986
-
SSDEEP
24576:4vRE7caCfKGPqVEDNLFxKsfa2I+gIGYuuCol7r:4vREKfPqVE5jKsfa2RHGVo7r
Malware Config
Targets
-
-
Target
f134f8f0cdf87e2f3f4d9cbcc0f86b39
-
Size
1.1MB
-
MD5
f134f8f0cdf87e2f3f4d9cbcc0f86b39
-
SHA1
584f15ff5f2188a25b8b27d96290c3550e4dffde
-
SHA256
478e45caa33dd580e1b3805d84fffd190d9cee3635137ea1d3fc4220626519a7
-
SHA512
faea0bbb90f6b0c84daf124c7db0cf1ef7fc1667e2636bab76ca06172fe930c0b6c363116338d4aa14a40b97a94e61b52f125a7ed76a2d51983078c24668c986
-
SSDEEP
24576:4vRE7caCfKGPqVEDNLFxKsfa2I+gIGYuuCol7r:4vREKfPqVE5jKsfa2RHGVo7r
Score10/10-
MrBlack Trojan
IoT botnet which infects routers to be used for DDoS attacks.
-
MrBlack trojan
-
Executes dropped EXE
-
Checks CPU configuration
Checks CPU information which indicate if the system is a virtual machine.
-
Modifies init.d
Adds/modifies system service, likely for persistence.
-
Write file to user bin folder
-
Writes file to system bin folder
-