General
-
Target
21652156824d4a074e1b690d4f6bfad7_JaffaCakes118
-
Size
1.2MB
-
Sample
240507-x62qqsbg6v
-
MD5
21652156824d4a074e1b690d4f6bfad7
-
SHA1
43f2d4779ee62982f574143e86cb95c65e1fdd49
-
SHA256
0f59819c0394537dc96ff243c24d432fc47f44fc72cfc4ccba43c8e5bde8bcf2
-
SHA512
7298344489af32ab2d967200ed70eea00096090d09e809d9288d3a5945b108abcd1ca2a939941eb4b040972a243c2ba3990ec20d2744caa11fdf125e77dc22d4
-
SSDEEP
24576:e845rlHu6gVJKG75oFpA0VW/X4G2y1q2rJp0:745wRVJKGtSA0VW/oVu9p0
Malware Config
Targets
-
-
Target
21652156824d4a074e1b690d4f6bfad7_JaffaCakes118
-
Size
1.2MB
-
MD5
21652156824d4a074e1b690d4f6bfad7
-
SHA1
43f2d4779ee62982f574143e86cb95c65e1fdd49
-
SHA256
0f59819c0394537dc96ff243c24d432fc47f44fc72cfc4ccba43c8e5bde8bcf2
-
SHA512
7298344489af32ab2d967200ed70eea00096090d09e809d9288d3a5945b108abcd1ca2a939941eb4b040972a243c2ba3990ec20d2744caa11fdf125e77dc22d4
-
SSDEEP
24576:e845rlHu6gVJKG75oFpA0VW/X4G2y1q2rJp0:745wRVJKGtSA0VW/oVu9p0
Score10/10-
MrBlack Trojan
IoT botnet which infects routers to be used for DDoS attacks.
-
MrBlack trojan
-
Executes dropped EXE
-
Modifies init.d
Adds/modifies system service, likely for persistence.
-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-
Write file to user bin folder
-
Writes file to system bin folder
-