mrblack | ca22002822b27562971b1b12bfd61f2f670554ebdb0907270fda4a65f7fd2eed | Triage

Submit
Reports

Overview

overview

Static

static

80d0cac0cd...kes118

ubuntu-22.04-amd64

Sharing

General

Target

80d0cac0cd6be8010819fdcd7ac4af46_JaffaCakes118
Size

1.2MB
Sample

240801-rqj8vsvcmm
MD5

80d0cac0cd6be8010819fdcd7ac4af46
SHA1

adb2208a2016c6686c52d440f518098b4cbe3846
SHA256

ca22002822b27562971b1b12bfd61f2f670554ebdb0907270fda4a65f7fd2eed
SHA512

d0f1da32dd1f70ce3f918230c39c3d7a6210998f0a3ea0262805611156e3d37e8af237d14e3bf19eba0d7ea5b154621880fe3eadaea87bfc6e6337c6a5294a48
SSDEEP

24576:e845rGHu6gVJKG75oFpA0VWeX4y2y1q2rJp0:745vRVJKGtSA0VWeoBu9p0

Score

10^/10

mrblack antivm botnet linux persistence trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

80d0cac0cd6be8010819fdcd7ac4af46_JaffaCakes118

Resource

ubuntu2204-amd64-20240611-en

mrblack antivm botnet persistence trojan

ubuntu-22.04-amd64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  80d0cac0cd6be8010819fdcd7ac4af46_JaffaCakes118
- Size
  
  1.2MB
- MD5
  
  80d0cac0cd6be8010819fdcd7ac4af46
- SHA1
  
  adb2208a2016c6686c52d440f518098b4cbe3846
- SHA256
  
  ca22002822b27562971b1b12bfd61f2f670554ebdb0907270fda4a65f7fd2eed
- SHA512
  
  d0f1da32dd1f70ce3f918230c39c3d7a6210998f0a3ea0262805611156e3d37e8af237d14e3bf19eba0d7ea5b154621880fe3eadaea87bfc6e6337c6a5294a48
- SSDEEP
  
  24576:e845rGHu6gVJKG75oFpA0VWeX4y2y1q2rJp0:745vRVJKGtSA0VWeoBu9p0
Score

10^/10

mrblack antivm botnet persistence trojan
- MrBlack Trojan
  IoT botnet which infects routers to be used for DDoS attacks.
  trojan botnet mrblack
- MrBlack trojan
- Executes dropped EXE
- Modifies init.d
  Adds/modifies system service, likely for persistence.
  persistence
- Write file to user bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Hijack Execution Flow

Privilege Escalation

Boot or Logon Autostart Execution

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Virtualization/Sandbox Evasion

Credential Access

Discovery

System Network Configuration Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mrblackantivmbotnetpersistencetrojan

© 2018-2025

Terms | Privacy