Overview

overview

10

Static

static

10

835f5b8d9c...kes118

ubuntu-22.04-amd64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    835f5b8d9c948b56108cadd92577e1f3_JaffaCakes118

  • Size

    1.2MB

  • Sample

    240802-ha9zxa1cmr

  • MD5

    835f5b8d9c948b56108cadd92577e1f3

  • SHA1

    22e58b87941b6ccd5242297e15b7e3068c8f7dd8

  • SHA256

    fccd365aec8cedca3fe20b00fa0e0a3366c35178411ebd76d82bf5abda521f27

  • SHA512

    8812812368a8ecc8b3c857f30103865ba611940ba1572363aaeeb18f7dc6ebaf232aaf8783445e0739f3a74776ebc3a75eab3d9fc389970a5a1d7ee649a818fb

  • SSDEEP

    24576:e845rGHu6gVJKG75oFpA0VWeX4/2y1q2rJp0:745vRVJKGtSA0VWeo+u9p0

Score
10/10
mrblackantivmbotnetlinuxpersistencetrojan

Malware Config

Targets

    • Target

      835f5b8d9c948b56108cadd92577e1f3_JaffaCakes118

    • Size

      1.2MB

    • MD5

      835f5b8d9c948b56108cadd92577e1f3

    • SHA1

      22e58b87941b6ccd5242297e15b7e3068c8f7dd8

    • SHA256

      fccd365aec8cedca3fe20b00fa0e0a3366c35178411ebd76d82bf5abda521f27

    • SHA512

      8812812368a8ecc8b3c857f30103865ba611940ba1572363aaeeb18f7dc6ebaf232aaf8783445e0739f3a74776ebc3a75eab3d9fc389970a5a1d7ee649a818fb

    • SSDEEP

      24576:e845rGHu6gVJKG75oFpA0VWeX4/2y1q2rJp0:745vRVJKGtSA0VWeo+u9p0

    Score
    10/10
    mrblackantivmbotnetpersistencetrojan

    • MrBlack Trojan

      IoT botnet which infects routers to be used for DDoS attacks.

      trojanbotnetmrblack

    • MrBlack trojan

    • Executes dropped EXE

    • Modifies init.d

      Adds/modifies system service, likely for persistence.

      persistence

    • Write file to user bin folder

    • Writes file to system bin folder

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks