General
-
Target
cb084b73d800c005e5a3cf4f299f032a.bin
-
Size
456KB
-
Sample
240221-e6d1kabe7s
-
MD5
c9480c7739913bd77ae56e70ce7c4de5
-
SHA1
08bbe957a27380e84ecd8b5a862aceb0af7fb734
-
SHA256
4d595569112b09d25f8b2219d1630af1b9ef5ddefd2c8aea31f15ac7ad5798b1
-
SHA512
25ecc69c44c9aa3c1f5044d2ce9b6aed48feb96825de056f0c137e33c4423058276d456ad1457e11b45f9f6928db423cedc46ed564c990fc763c11cc089b5bce
-
SSDEEP
12288:Dbsaa7GIf4Yv86XKIpz1VJx/cq1GTYaI3+yUXWeXY9:Xc7dfX91VJ91gLNVXY9
Malware Config
Targets
-
-
Target
036a2f04ab56b5e7098c7d866eb21307011b812f126793159be1c853a6a54796.elf
-
Size
1.2MB
-
MD5
cb084b73d800c005e5a3cf4f299f032a
-
SHA1
770fca135b25594e77480cdca7116366be2ba91d
-
SHA256
036a2f04ab56b5e7098c7d866eb21307011b812f126793159be1c853a6a54796
-
SHA512
1b7476baa62f8388f933e2e15473bca928abf0d1128d551ca21a8d1b6615b04f2660f77bcf406df939d31c9916d42900a5c3dec50ebfa40ce1340ae545e41234
-
SSDEEP
24576:e845rGHu6gVJKG75oFpA0VWeX4B2y1q2rJp0:745vRVJKGtSA0VWeoYu9p0
Score10/10-
MrBlack Trojan
IoT botnet which infects routers to be used for DDoS attacks.
-
MrBlack trojan
-
Executes dropped EXE
-
Checks CPU configuration
Checks CPU information which indicate if the system is a virtual machine.
-
Modifies init.d
Adds/modifies system service, likely for persistence.
-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-
Write file to user bin folder
-
Writes file to system bin folder
-