General
-
Target
d7799f78f82dc2d31735ac344aa95611_JaffaCakes118
-
Size
1.1MB
-
Sample
240910-c7bkqavcma
-
MD5
d7799f78f82dc2d31735ac344aa95611
-
SHA1
41c47481d77860552cf47692f10240838fe6ce50
-
SHA256
8e5946630ea113f1e9caf1e3678fc74d2414ff90b759544b62d3b9be674ffd76
-
SHA512
0bf31f30eea64e443bb410b09c0d10a3233c85a16db9aa4769b1c073417f824ce72665171508f35d0aae2533f345944ea1c26bf24e7b035e3492628dde2619eb
-
SSDEEP
24576:4vRE7caCfKGPqVEDNLFxKsfaEI+gIGYuuCol7r:4vREKfPqVE5jKsfaERHGVo7r
Malware Config
Targets
-
-
Target
d7799f78f82dc2d31735ac344aa95611_JaffaCakes118
-
Size
1.1MB
-
MD5
d7799f78f82dc2d31735ac344aa95611
-
SHA1
41c47481d77860552cf47692f10240838fe6ce50
-
SHA256
8e5946630ea113f1e9caf1e3678fc74d2414ff90b759544b62d3b9be674ffd76
-
SHA512
0bf31f30eea64e443bb410b09c0d10a3233c85a16db9aa4769b1c073417f824ce72665171508f35d0aae2533f345944ea1c26bf24e7b035e3492628dde2619eb
-
SSDEEP
24576:4vRE7caCfKGPqVEDNLFxKsfaEI+gIGYuuCol7r:4vREKfPqVE5jKsfaERHGVo7r
Score10/10-
MrBlack Trojan
IoT botnet which infects routers to be used for DDoS attacks.
-
MrBlack trojan
-
File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.
-
Executes dropped EXE
-
Modifies init.d
Adds/modifies system service, likely for persistence.
-
Write file to user bin folder
-
Writes file to system bin folder
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Boot or Logon Initialization Scripts
1RC Scripts
1Privilege Escalation
Boot or Logon Autostart Execution
1Boot or Logon Initialization Scripts
1RC Scripts
1Defense Evasion
File and Directory Permissions Modification
1Linux and Mac File and Directory Permissions Modification
1Virtualization/Sandbox Evasion
1System Checks
1