mrblack | 59ca60b197c4d2db7a9571793da63440bc048fa7c5eb995fd0f092c09cfd751d | Triage

Sharing

General

Target

linus
Size

1.2MB
Sample

210211-pzqcf8ppda
MD5

ad034034206082669ba7eee0ba3e0890
SHA1

3d81b78a3ef803f89443db70eca050c08ef3f3f9
SHA256

59ca60b197c4d2db7a9571793da63440bc048fa7c5eb995fd0f092c09cfd751d
SHA512

e1dc8047e32bb2be8afd535c3a7b4c30ea3d8bb3b557beb300ca3944946eac879c03b8abbe8ffc047dc5523542b0d554fe44efd324635c05bf40af5eb27f425f

Score

10^/10

mrblack linux

Malware Config

Targets

- Target
  
  linus
- Size
  
  1.2MB
- MD5
  
  ad034034206082669ba7eee0ba3e0890
- SHA1
  
  3d81b78a3ef803f89443db70eca050c08ef3f3f9
- SHA256
  
  59ca60b197c4d2db7a9571793da63440bc048fa7c5eb995fd0f092c09cfd751d
- SHA512
  
  e1dc8047e32bb2be8afd535c3a7b4c30ea3d8bb3b557beb300ca3944946eac879c03b8abbe8ffc047dc5523542b0d554fe44efd324635c05bf40af5eb27f425f
Score

9^/10
- Writes file to system bin folder
- Write file to user bin folder
- Reads runtime system information
  Reads data from /proc virtual filesystem.
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3