mrblack | 59eefbe4e45862763a3cbbc11dcab546d9299c1af083c7687cbb01e95c90c924 | Triage

Submit
Reports

Overview

overview

Static

static

19c71e6ffc...kes118

ubuntu-18.04-amd64

Sharing

General

Target

19c71e6ffc70783f1c78b2f3da61461f_JaffaCakes118
Size

1.1MB
Sample

240728-v3n95ayfke
MD5

19c71e6ffc70783f1c78b2f3da61461f
SHA1

6f3c70ebdb21c50e41c98e6adf15599d576235aa
SHA256

59eefbe4e45862763a3cbbc11dcab546d9299c1af083c7687cbb01e95c90c924
SHA512

df89ebe8ccad1eb35a482090043312d5640b8d7d4e8a2c135d91053db749d1ddc8335f8a5ea340bb9cc9fa0f9e37e00d028a173dcb14c5f7e3f59309263838ad
SSDEEP

24576:4vRE7caCfKGPqVEDNLFxKsfawI+gIGYuuCol7r:4vREKfPqVE5jKsfawRHGVo7r

Score

10^/10

mrblack antivm botnet linux persistence trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

19c71e6ffc70783f1c78b2f3da61461f_JaffaCakes118

Resource

ubuntu1804-amd64-20240729-en

mrblack antivm botnet persistence trojan

ubuntu-18.04-amd64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  19c71e6ffc70783f1c78b2f3da61461f_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  19c71e6ffc70783f1c78b2f3da61461f
- SHA1
  
  6f3c70ebdb21c50e41c98e6adf15599d576235aa
- SHA256
  
  59eefbe4e45862763a3cbbc11dcab546d9299c1af083c7687cbb01e95c90c924
- SHA512
  
  df89ebe8ccad1eb35a482090043312d5640b8d7d4e8a2c135d91053db749d1ddc8335f8a5ea340bb9cc9fa0f9e37e00d028a173dcb14c5f7e3f59309263838ad
- SSDEEP
  
  24576:4vRE7caCfKGPqVEDNLFxKsfawI+gIGYuuCol7r:4vREKfPqVE5jKsfawRHGVo7r
Score

10^/10

mrblack antivm botnet persistence trojan
- MrBlack Trojan
  IoT botnet which infects routers to be used for DDoS attacks.
  trojan botnet mrblack
- MrBlack trojan
- Executes dropped EXE
- Modifies init.d
  Adds/modifies system service, likely for persistence.
  persistence
- Write file to user bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Hijack Execution Flow

Privilege Escalation

Boot or Logon Autostart Execution

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Virtualization/Sandbox Evasion

Credential Access

Discovery

System Network Configuration Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mrblackantivmbotnetpersistencetrojan

© 2018-2024

Terms | Privacy