General
-
Target
15293d54a15e7ffe3e23c5c15d895cd7_JaffaCakes118
-
Size
1.2MB
-
Sample
240728-mqewxssdql
-
MD5
15293d54a15e7ffe3e23c5c15d895cd7
-
SHA1
42aac86ae8627b1c9e6f681672519b73c580d132
-
SHA256
098a02314cbf266566705b37b0ccc74eca66670f7ea75518bfc23d6843bbb478
-
SHA512
2f31c54a7ab33abfceb1c1ea03a8a8408f9ee18390be6182169719732275b3827a7f32d27812ab297e669e6aad1e6142d7bb164759eaa47d0739f66bb47c3b32
-
SSDEEP
24576:e845rlHu6gVJKG75oFpA0VWmX4G2y1q2rJp0:745wRVJKGtSA0VWmoVu9p0
Malware Config
Targets
-
-
Target
15293d54a15e7ffe3e23c5c15d895cd7_JaffaCakes118
-
Size
1.2MB
-
MD5
15293d54a15e7ffe3e23c5c15d895cd7
-
SHA1
42aac86ae8627b1c9e6f681672519b73c580d132
-
SHA256
098a02314cbf266566705b37b0ccc74eca66670f7ea75518bfc23d6843bbb478
-
SHA512
2f31c54a7ab33abfceb1c1ea03a8a8408f9ee18390be6182169719732275b3827a7f32d27812ab297e669e6aad1e6142d7bb164759eaa47d0739f66bb47c3b32
-
SSDEEP
24576:e845rlHu6gVJKG75oFpA0VWmX4G2y1q2rJp0:745wRVJKGtSA0VWmoVu9p0
Score10/10-
MrBlack Trojan
IoT botnet which infects routers to be used for DDoS attacks.
-
MrBlack trojan
-
Executes dropped EXE
-
Modifies init.d
Adds/modifies system service, likely for persistence.
-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-
Write file to user bin folder
-
Writes file to system bin folder
-