General
-
Target
f57f99f56834d73211bac97f4ec2dc5c.bin
-
Size
434KB
-
Sample
240506-cflllsgd43
-
MD5
7e1f052db4ab977291fde60e574a3f8c
-
SHA1
815b9bb6b83dd80dd5bcf13c548b45d0fb26deb5
-
SHA256
0e8b7406cefebfc76b5ca5b48c77e88bbaea2aaef89fbf947f164d017ff15743
-
SHA512
e1445e80e8e0645646288f10f0c9819eb93ff5995a15c3c6368e48ee2422a45147c991bb4a8d4fbdf2e32395160901475b7543c14973697ad1483b2048c2d4cd
-
SSDEEP
6144:+AKqQAGK3MGMVh2b90vq1xAN3hqoktNx05FtvQiEBEKV+f3UoHFQPMj:+7Al3MGeA22AFOxsFWA3UoHF6Mj
Malware Config
Targets
-
-
Target
a7d548bcb9a58a58b5dfb9f059b302131fc0107a094f1fbb53c7d525b9327b60.elf
-
Size
1.1MB
-
MD5
f57f99f56834d73211bac97f4ec2dc5c
-
SHA1
314fff2c301fb120ce100e812e3ef4b31580551d
-
SHA256
a7d548bcb9a58a58b5dfb9f059b302131fc0107a094f1fbb53c7d525b9327b60
-
SHA512
c2785a0b3231ccd5c217f6ec38aa8ca3ece2cc3a3364a3271582ba49cf9ac8a5dfd163765c6284ba72c9bd4e711cc059ba328e6a7ad0b1adeb7e85447b9350a8
-
SSDEEP
24576:4vRE7caCfKGPqVEDNLFxKsfa1I+gIGYuuCol7r:4vREKfPqVE5jKsfa1RHGVo7r
Score10/10-
MrBlack Trojan
IoT botnet which infects routers to be used for DDoS attacks.
-
MrBlack trojan
-
Executes dropped EXE
-
Modifies init.d
Adds/modifies system service, likely for persistence.
-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-
Write file to user bin folder
-
Writes file to system bin folder
-