mrblack | 5a15370faf7be726da0f436bda42de5d71776a7d21cae485470acf3c9b9763f6 | Triage

Submit
Reports

Overview

overview

Static

static

6d0f9fd91d...kes118

ubuntu-22.04-amd64

Sharing

General

Target

6d0f9fd91d5ded78398c0dfb5aa9f4c7_JaffaCakes118
Size

1.2MB
Sample

240730-bwvnsavgre
MD5

6d0f9fd91d5ded78398c0dfb5aa9f4c7
SHA1

5b3132a9c2ec2a210436b1a755e3a7bac2e6142b
SHA256

5a15370faf7be726da0f436bda42de5d71776a7d21cae485470acf3c9b9763f6
SHA512

746012d6427ae0294ded79a73c0af61e68ca10b8a80ff63392ff3aab79a6768eb6559ab592c243084c25fae847eee7b836ca87a5c148c35d4e52bf0d237325f6
SSDEEP

24576:e845rGHu6gVJKG75oFpA0VWIX4i2y1q2rJp0:745vRVJKGtSA0VWIoRu9p0

Score

10^/10

mrblack antivm botnet linux persistence trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

6d0f9fd91d5ded78398c0dfb5aa9f4c7_JaffaCakes118

Resource

ubuntu2204-amd64-20240611-en

mrblack antivm botnet persistence trojan

ubuntu-22.04-amd64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  6d0f9fd91d5ded78398c0dfb5aa9f4c7_JaffaCakes118
- Size
  
  1.2MB
- MD5
  
  6d0f9fd91d5ded78398c0dfb5aa9f4c7
- SHA1
  
  5b3132a9c2ec2a210436b1a755e3a7bac2e6142b
- SHA256
  
  5a15370faf7be726da0f436bda42de5d71776a7d21cae485470acf3c9b9763f6
- SHA512
  
  746012d6427ae0294ded79a73c0af61e68ca10b8a80ff63392ff3aab79a6768eb6559ab592c243084c25fae847eee7b836ca87a5c148c35d4e52bf0d237325f6
- SSDEEP
  
  24576:e845rGHu6gVJKG75oFpA0VWIX4i2y1q2rJp0:745vRVJKGtSA0VWIoRu9p0
Score

10^/10

mrblack antivm botnet persistence trojan
- MrBlack Trojan
  IoT botnet which infects routers to be used for DDoS attacks.
  trojan botnet mrblack
- MrBlack trojan
- Executes dropped EXE
- Modifies init.d
  Adds/modifies system service, likely for persistence.
  persistence
- Write file to user bin folder
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Hijack Execution Flow

Privilege Escalation

Boot or Logon Autostart Execution

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Virtualization/Sandbox Evasion

Credential Access

Discovery

System Network Configuration Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mrblackantivmbotnetpersistencetrojan

© 2018-2025

Terms | Privacy