mrblack | 3dc52786d8c011d2caffd3e2842ef7dc2599e3ff6e4bb5f1585320126299a33e | Triage

Sharing

General

Target

syn
Size

1.2MB
Sample

210211-wlxtqklkxe
MD5

47a24f3fa8b415a579cadccc171c9bd9
SHA1

91fcb36399e2a1e95f07e7321c6cb9f4b4038377
SHA256

3dc52786d8c011d2caffd3e2842ef7dc2599e3ff6e4bb5f1585320126299a33e
SHA512

6779660a0600100570e1f6950124d1d020539ddf42ae7bd525d37ea4a417a15f4cc9f69d5f69c95d075a85c08b1bd3ead519aa3148b7773703a532e9a9236e6b

Score

10^/10

mrblack linux

Malware Config

Targets

- Target
  
  syn
- Size
  
  1.2MB
- MD5
  
  47a24f3fa8b415a579cadccc171c9bd9
- SHA1
  
  91fcb36399e2a1e95f07e7321c6cb9f4b4038377
- SHA256
  
  3dc52786d8c011d2caffd3e2842ef7dc2599e3ff6e4bb5f1585320126299a33e
- SHA512
  
  6779660a0600100570e1f6950124d1d020539ddf42ae7bd525d37ea4a417a15f4cc9f69d5f69c95d075a85c08b1bd3ead519aa3148b7773703a532e9a9236e6b
Score

9^/10
- Writes file to system bin folder
- Write file to user bin folder
- Reads runtime system information
  Reads data from /proc virtual filesystem.
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3