General
-
Target
c6cb654b7c737c67b7fcc714839b108ecf503efaf4d581f59da58e783df4ac21
-
Size
1.2MB
-
Sample
240227-c3m3yseg7v
-
MD5
6e922435326fba001ebcddb3afde00aa
-
SHA1
ad41b157112936b7fc1029d32c97fecb606a80fe
-
SHA256
c6cb654b7c737c67b7fcc714839b108ecf503efaf4d581f59da58e783df4ac21
-
SHA512
e5e70a17ec59018381e1902530d81e5b808d926d3b8fee53e24355449a6c289dcd7013cbc3fa99f9a316bb968788a724b184555611686820277f11d85983fb92
-
SSDEEP
24576:e845rGHu6gVJKG75oFpA0VWeX4S2y1q2rJp0:745vRVJKGtSA0VWeohu9p0
Malware Config
Targets
-
-
Target
c6cb654b7c737c67b7fcc714839b108ecf503efaf4d581f59da58e783df4ac21
-
Size
1.2MB
-
MD5
6e922435326fba001ebcddb3afde00aa
-
SHA1
ad41b157112936b7fc1029d32c97fecb606a80fe
-
SHA256
c6cb654b7c737c67b7fcc714839b108ecf503efaf4d581f59da58e783df4ac21
-
SHA512
e5e70a17ec59018381e1902530d81e5b808d926d3b8fee53e24355449a6c289dcd7013cbc3fa99f9a316bb968788a724b184555611686820277f11d85983fb92
-
SSDEEP
24576:e845rGHu6gVJKG75oFpA0VWeX4S2y1q2rJp0:745vRVJKGtSA0VWeohu9p0
Score10/10-
MrBlack Trojan
IoT botnet which infects routers to be used for DDoS attacks.
-
MrBlack trojan
-
Executes dropped EXE
-
Checks CPU configuration
Checks CPU information which indicate if the system is a virtual machine.
-
Modifies init.d
Adds/modifies system service, likely for persistence.
-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-
Write file to user bin folder
-
Writes file to system bin folder
-