General

  • Target

    63d7cde3cc0507933b92215461707c9b_JaffaCakes118

  • Size

    1.2MB

  • Sample

    240729-17dl3sxgnf

  • MD5

    63d7cde3cc0507933b92215461707c9b

  • SHA1

    b48d9b9f14c636124857d0dab2ca7972c90c5418

  • SHA256

    10eadb8e1c3b9193e234237f798838951b54e1dbc4f782934ce27c12e135320a

  • SHA512

    22aef0bbac785bb4c2db37b6bb299e8ff5f2d67ddd81a2742ae32d2c06665153da049c5f83778b5e9e950231b285702463c2cebf2c028423a88e5eadf27098ec

  • SSDEEP

    24576:e845rGHu6gVJKG75oFpA0VWeX4R2y1q2rJp0:745vRVJKGtSA0VWeoIu9p0

Targets

    • Target

      63d7cde3cc0507933b92215461707c9b_JaffaCakes118

    • MrBlack Trojan

      IoT botnet which infects routers to be used for DDoS attacks.

    • MrBlack trojan

    • Executes dropped EXE

    • Modifies init.d

      Adds/modifies system service, likely for persistence.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

    • Write file to user bin folder

    • Writes file to system bin folder
