General

  • Target

    2674ef5c89fcfb31f83341335966c307_JaffaCakes118

  • Size

    1.2MB

  • Sample

    240728-1vyrgsxbkj

  • MD5

    2674ef5c89fcfb31f83341335966c307

  • SHA1

    d0cb6e1ff4bbb04cc73ee29dfbee12b922437d6f

  • SHA256

    07b57927f4faaa8bd42516e4e79a54ec32a58200a6be95ab776803f6604c55a1

  • SHA512

    e86e65259132e5ed2ac7213214978b8e10f20cce6ffe76ee7d6690e154eb98a0e1798268b1bca46b5f37bd9291e4a7b2fed3cacc6694046e39bdf51ebfcf8325

  • SSDEEP

    24576:e845rGHu6gVJKG75oFpA0VWeX4R2y1q2rJp0:745vRVJKGtSA0VWeoIu9p0

Targets

    • Target

      2674ef5c89fcfb31f83341335966c307_JaffaCakes118

    • MrBlack Trojan

      IoT botnet which infects routers to be used for DDoS attacks.

    • Executes dropped EXE

    • Modifies init.d

      Adds/modifies system service, likely for persistence.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

    • Write file to user bin folder

    • Writes file to system bin folder
