General

  • Target

    7dfe22bbbd83b690a3b10baefa56b41f_JaffaCakes118

  • Size

    1.2MB

  • Sample

    240731-z8p6tstfmp

  • MD5

    7dfe22bbbd83b690a3b10baefa56b41f

  • SHA1

    5d303e714dda278e7cbcccb7c6df422b999ee21f

  • SHA256

    2f2d6fa9a6156e0503969e89ca530b7537b4a8e6e49638f1b5afac4ed2731f90

  • SHA512

    defe616669f26bf4dd1bc84ad57821f776c732499291a9b461abd9be0217abfd20f99ad3aa46daddc1d7228e1187c39f7a2c67f85b956280e48612b5a5144726

  • SSDEEP

    24576:e845rGHu6gVJKG75oFpA0VWIX4s2y1q2rJp0:745vRVJKGtSA0VWIoDu9p0

Targets

    • MrBlack Trojan

      IoT botnet which infects routers to be used for DDoS attacks.

    • Executes dropped EXE

    • Modifies init.d

      Adds/modifies system service, likely for persistence.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

    • Writes file to user bin folder

    • Writes file to system bin folder
