General
-
Target
9c65f61859b4b8ae00c79ddd63abf60d.elf
-
Size
1.2MB
-
Sample
240322-tkbewafh2t
-
MD5
9c65f61859b4b8ae00c79ddd63abf60d
-
SHA1
ddf2c1d0abdef832ec746004dcdfd0cd800048ae
-
SHA256
fab8944e3f0541c0ff149306ea74137f7c1e9c081670906844769a45aa7171b4
-
SHA512
ed39ef838a9cdff65e891f65a98800ebd282645e13d9f83a6b620e3bc573a3fae8e5f312136b970977a4cdbdf5a0e600be401cf425a2d673d30c715562ab163e
-
SSDEEP
24576:e845rGHu6gVJKG75oFpA0VWeX4a2y1q2rJp0:745vRVJKGtSA0VWeoZu9p0
Malware Config
Targets
-
-
Target
9c65f61859b4b8ae00c79ddd63abf60d.elf
-
Size
1.2MB
-
MD5
9c65f61859b4b8ae00c79ddd63abf60d
-
SHA1
ddf2c1d0abdef832ec746004dcdfd0cd800048ae
-
SHA256
fab8944e3f0541c0ff149306ea74137f7c1e9c081670906844769a45aa7171b4
-
SHA512
ed39ef838a9cdff65e891f65a98800ebd282645e13d9f83a6b620e3bc573a3fae8e5f312136b970977a4cdbdf5a0e600be401cf425a2d673d30c715562ab163e
-
SSDEEP
24576:e845rGHu6gVJKG75oFpA0VWeX4a2y1q2rJp0:745vRVJKGtSA0VWeoZu9p0
Score10/10-
MrBlack Trojan
IoT botnet which infects routers to be used for DDoS attacks.
-
MrBlack trojan
-
Executes dropped EXE
-
Checks CPU configuration
Checks CPU information which indicate if the system is a virtual machine.
-
Modifies init.d
Adds/modifies system service, likely for persistence.
-
Write file to user bin folder
-
Writes file to system bin folder
-