Overview

overview

10

Static

static

10

77e67ae01d...kes118

ubuntu-22.04-amd64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    77e67ae01d141d95eae25515ffa3f6eb_JaffaCakes118

  • Size

    1.5MB

  • Sample

    240730-s25jls1dmb

  • MD5

    77e67ae01d141d95eae25515ffa3f6eb

  • SHA1

    5d369c6bfc84aaffd9f7596c53464a3b1e9e7a50

  • SHA256

    c6671cc274dd02cbd1fe40f56e6ce819634a47ede993e98ad346b3e576f9ee9a

  • SHA512

    5c65d540b8a19d6daf9a4a4faf051d2d4c1253bd8bc09e80118cd8bcca520e13b36077d848800a738596d13730955727bc6f46ae2bf19a467e7af8d2fcecc306

  • SSDEEP

    24576:GA46TrzJBisiOvhlOHdSbQmHyJgf/kgX0Exb2cyaGpIoiMvnnLmYXqSYKKZdTrnD:zRNi6OHdSbQoyJyXpxb2PaGpXiMvnLmB

Score
10/10
mrblackantivmbotnetlinuxpersistencetrojan

Malware Config

Targets

    • Target

      77e67ae01d141d95eae25515ffa3f6eb_JaffaCakes118

    • Size

      1.5MB

    • MD5

      77e67ae01d141d95eae25515ffa3f6eb

    • SHA1

      5d369c6bfc84aaffd9f7596c53464a3b1e9e7a50

    • SHA256

      c6671cc274dd02cbd1fe40f56e6ce819634a47ede993e98ad346b3e576f9ee9a

    • SHA512

      5c65d540b8a19d6daf9a4a4faf051d2d4c1253bd8bc09e80118cd8bcca520e13b36077d848800a738596d13730955727bc6f46ae2bf19a467e7af8d2fcecc306

    • SSDEEP

      24576:GA46TrzJBisiOvhlOHdSbQmHyJgf/kgX0Exb2cyaGpIoiMvnnLmYXqSYKKZdTrnD:zRNi6OHdSbQoyJyXpxb2PaGpXiMvnLmB

    Score
    10/10
    mrblackantivmbotnetpersistencetrojan

    • MrBlack Trojan

      IoT botnet which infects routers to be used for DDoS attacks.

      trojanbotnetmrblack

    • MrBlack trojan

    • Executes dropped EXE

    • Modifies init.d

      Adds/modifies system service, likely for persistence.

      persistence

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

    • Write file to user bin folder

    • Writes file to system bin folder

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks