mrblack | 4fb50087fd3ecf8590b34a6ef40bdc227caee4314f480a4b01abab01c3e805ea | Triage

Submit
Reports

Overview

overview

Static

static

0c2fced6cd...kes118

ubuntu-22.04-amd64

Sharing

General

Target

0c2fced6cd1b58dc85669dae1736a19e_JaffaCakes118
Size

1.1MB
Sample

240728-gy87vawaja
MD5

0c2fced6cd1b58dc85669dae1736a19e
SHA1

775a3e0e4c5e0b53c7adf2e81ab13b0994338e0a
SHA256

4fb50087fd3ecf8590b34a6ef40bdc227caee4314f480a4b01abab01c3e805ea
SHA512

cfcf9d27b21c157a250f3fbc6b359f100293218422225ae6203f96b535a897cef84046abbf44c429aeade4e4123bee1c805a7903fcd4a08cff5cba34c6d569a4
SSDEEP

24576:4vRE7caCfKGPqVEDNLFxKsfaoI+gIGYuuCol7r:4vREKfPqVE5jKsfaoRHGVo7r

Score

10^/10

mrblack antivm botnet linux persistence trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

0c2fced6cd1b58dc85669dae1736a19e_JaffaCakes118

Resource

ubuntu2204-amd64-20240729-en

mrblack antivm botnet persistence trojan

ubuntu-22.04-amd64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  0c2fced6cd1b58dc85669dae1736a19e_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  0c2fced6cd1b58dc85669dae1736a19e
- SHA1
  
  775a3e0e4c5e0b53c7adf2e81ab13b0994338e0a
- SHA256
  
  4fb50087fd3ecf8590b34a6ef40bdc227caee4314f480a4b01abab01c3e805ea
- SHA512
  
  cfcf9d27b21c157a250f3fbc6b359f100293218422225ae6203f96b535a897cef84046abbf44c429aeade4e4123bee1c805a7903fcd4a08cff5cba34c6d569a4
- SSDEEP
  
  24576:4vRE7caCfKGPqVEDNLFxKsfaoI+gIGYuuCol7r:4vREKfPqVE5jKsfaoRHGVo7r
Score

10^/10

mrblack antivm botnet persistence trojan
- MrBlack Trojan
  IoT botnet which infects routers to be used for DDoS attacks.
  trojan botnet mrblack
- MrBlack trojan
- Executes dropped EXE
- Modifies init.d
  Adds/modifies system service, likely for persistence.
  persistence
- Write file to user bin folder
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Hijack Execution Flow

Privilege Escalation

Boot or Logon Autostart Execution

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Virtualization/Sandbox Evasion

Credential Access

Discovery

System Network Configuration Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mrblackantivmbotnetpersistencetrojan

© 2018-2025

Terms | Privacy