Overview

overview

10

Static

static

10

28028763bd...kes118

ubuntu-20.04-amd64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    28028763bd19e58aed1e262d8df6da84_JaffaCakes118

  • Size

    1.2MB

  • Sample

    240509-dndreaab32

  • MD5

    28028763bd19e58aed1e262d8df6da84

  • SHA1

    14df4ad34d74026b862e43556b94ceedefba1e96

  • SHA256

    8ebd963f86ba62f45b936f6d6687ccb1e349a0f8a6cc19286457895c885695c8

  • SHA512

    7055da8d36353e721361525b40f80b431b7f4201a9fb80add8e046c34bb85ee05cf8b9027d6e42b2bbb53c077cb6c049cd762f9b3042bd2495ff762f785d12c5

  • SSDEEP

    24576:e845rGHu6gVJKG75oFpA0VWeX4h2y1q2rJp0:745vRVJKGtSA0VWeo4u9p0

Score
10/10
mrblackantivmbotnetlinuxpersistencetrojan

Malware Config

Targets

    • Target

      28028763bd19e58aed1e262d8df6da84_JaffaCakes118

    • Size

      1.2MB

    • MD5

      28028763bd19e58aed1e262d8df6da84

    • SHA1

      14df4ad34d74026b862e43556b94ceedefba1e96

    • SHA256

      8ebd963f86ba62f45b936f6d6687ccb1e349a0f8a6cc19286457895c885695c8

    • SHA512

      7055da8d36353e721361525b40f80b431b7f4201a9fb80add8e046c34bb85ee05cf8b9027d6e42b2bbb53c077cb6c049cd762f9b3042bd2495ff762f785d12c5

    • SSDEEP

      24576:e845rGHu6gVJKG75oFpA0VWeX4h2y1q2rJp0:745vRVJKGtSA0VWeo4u9p0

    Score
    10/10
    mrblackantivmbotnetpersistencetrojan

    • MrBlack Trojan

      IoT botnet which infects routers to be used for DDoS attacks.

      trojanbotnetmrblack

    • MrBlack trojan

    • Executes dropped EXE

    • Modifies init.d

      Adds/modifies system service, likely for persistence.

      persistence

    • Write file to user bin folder

    • Writes file to system bin folder

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks