Overview

overview

10

Static

static

10

5d9ca3020c...kes118

ubuntu-22.04-amd64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5d9ca3020c64a239b84e32aca08af87b_JaffaCakes118

  • Size

    1.1MB

  • Sample

    240729-y3s5vsyclq

  • MD5

    5d9ca3020c64a239b84e32aca08af87b

  • SHA1

    a22260a3983921f4059f15298a91b8a970bc909f

  • SHA256

    cfe3dccf9ba5a17e410e8e7cf8d0ff5c1b8688f99881b53933006250b6421468

  • SHA512

    35efb58ebaa5ee5a198b2678232a06e966f108a7dfc6465ebee1355e9574ea51ac647c3585434dad385a4ea962f4bf49bfb44287e8bbccd2fcef2c726660e8ce

  • SSDEEP

    24576:4vRE7caCfKGPqVEDNLFxKsfaBI+gIGYuuCol7r:4vREKfPqVE5jKsfaBRHGVo7r

Score
10/10
mrblackantivmbotnetlinuxpersistencetrojan

Malware Config

Targets

    • Target

      5d9ca3020c64a239b84e32aca08af87b_JaffaCakes118

    • Size

      1.1MB

    • MD5

      5d9ca3020c64a239b84e32aca08af87b

    • SHA1

      a22260a3983921f4059f15298a91b8a970bc909f

    • SHA256

      cfe3dccf9ba5a17e410e8e7cf8d0ff5c1b8688f99881b53933006250b6421468

    • SHA512

      35efb58ebaa5ee5a198b2678232a06e966f108a7dfc6465ebee1355e9574ea51ac647c3585434dad385a4ea962f4bf49bfb44287e8bbccd2fcef2c726660e8ce

    • SSDEEP

      24576:4vRE7caCfKGPqVEDNLFxKsfaBI+gIGYuuCol7r:4vREKfPqVE5jKsfaBRHGVo7r

    Score
    10/10
    mrblackantivmbotnetpersistencetrojan

    • MrBlack Trojan

      IoT botnet which infects routers to be used for DDoS attacks.

      trojanbotnetmrblack

    • MrBlack trojan

    • Executes dropped EXE

    • Modifies init.d

      Adds/modifies system service, likely for persistence.

      persistence

    • Write file to user bin folder

    • Writes file to system bin folder

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks