General

  • Target

    04d5a41004714d8e35905d873379a9d6_JaffaCakes118

  • Size

    1.2MB

  • Sample

    240728-btmv6atard

  • MD5

    04d5a41004714d8e35905d873379a9d6

  • SHA1

    43c9261b3454562e7b58f87eac891bcb1b514cc5

  • SHA256

    c941b4d1543b3a527d583bfaf564e60593e1bc477676d5bce1027921296ff261

  • SHA512

    9a74777686252f677158f910ffda1eb72b8a38377b7a8d3653846e70cb3e414c50981b4dfe4241ab9b60521fbca2a145e9fecf2922f9433e6616782b44172460

  • SSDEEP

    24576:e845rGHu6gVJKG75oFpA0VWeX4w2y1q2rJp0:745vRVJKGtSA0VWeoHu9p0

Targets

    • MrBlack Trojan

      IoT botnet which infects routers to be used for DDoS attacks.

    • Executes dropped EXE

    • Modifies init.d

      Adds/modifies system service, likely for persistence.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

    • Write file to user bin folder

    • Writes file to system bin folder
