Overview

overview

10

Static

static

10

7f25db5cb1...kes118

ubuntu-22.04-amd64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7f25db5cb1cc08f7eb7c0f5fa46268ef_JaffaCakes118

  • Size

    1.1MB

  • Sample

    240801-exsglawcnh

  • MD5

    7f25db5cb1cc08f7eb7c0f5fa46268ef

  • SHA1

    c1325e3dc4881fa1c09c7f497e60b7fd0f663ba0

  • SHA256

    e4883dda7079c57d623a0b7b7bd2ede4c796f1e00fe5cf039daedd25dd26c957

  • SHA512

    961f221083d4f88a55a7d2424849302e18cc2e5b91f63bf776fe2beb3111569903fde685e0ec9802c83e414208fdb6af7c497fb11ff9823108ce9eca0bc1fa1b

  • SSDEEP

    24576:4vRE7caCfKGPqVEDNLFxKsfaAI+gIGYuuCol7r:4vREKfPqVE5jKsfaARHGVo7r

Score
10/10
mrblackantivmbotnetlinuxpersistencetrojan

Malware Config

Targets

    • Target

      7f25db5cb1cc08f7eb7c0f5fa46268ef_JaffaCakes118

    • Size

      1.1MB

    • MD5

      7f25db5cb1cc08f7eb7c0f5fa46268ef

    • SHA1

      c1325e3dc4881fa1c09c7f497e60b7fd0f663ba0

    • SHA256

      e4883dda7079c57d623a0b7b7bd2ede4c796f1e00fe5cf039daedd25dd26c957

    • SHA512

      961f221083d4f88a55a7d2424849302e18cc2e5b91f63bf776fe2beb3111569903fde685e0ec9802c83e414208fdb6af7c497fb11ff9823108ce9eca0bc1fa1b

    • SSDEEP

      24576:4vRE7caCfKGPqVEDNLFxKsfaAI+gIGYuuCol7r:4vREKfPqVE5jKsfaARHGVo7r

    Score
    10/10
    mrblackantivmbotnetpersistencetrojan

    • MrBlack Trojan

      IoT botnet which infects routers to be used for DDoS attacks.

      trojanbotnetmrblack

    • MrBlack trojan

    • Executes dropped EXE

    • Modifies init.d

      Adds/modifies system service, likely for persistence.

      persistence

    • Write file to user bin folder

    • Writes file to system bin folder

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks