mrblack | d55ca59e33aebd0db6c433edac5c5bca6d1781ca4a35e3afcf086abf2047532b | Triage

Sharing

General

Target

dm-0
Size

1.2MB
Sample

210212-fdskt5hnns
MD5

ed15520d500810f53ec06ee02bcd6843
SHA1

2f3b2d5c4234d337ca25852831d89101886e6bcc
SHA256

d55ca59e33aebd0db6c433edac5c5bca6d1781ca4a35e3afcf086abf2047532b
SHA512

6f660a52f0262c86e53ebde16b2dc227df55a63701d504b21309cca5938f81633dcd07f1c6aba40afa722e04528693720d0a6bec1827b663fcc1d2136aede1c1

Score

10^/10

mrblack linux

Malware Config

Targets

- Target
  
  dm-0
- Size
  
  1.2MB
- MD5
  
  ed15520d500810f53ec06ee02bcd6843
- SHA1
  
  2f3b2d5c4234d337ca25852831d89101886e6bcc
- SHA256
  
  d55ca59e33aebd0db6c433edac5c5bca6d1781ca4a35e3afcf086abf2047532b
- SHA512
  
  6f660a52f0262c86e53ebde16b2dc227df55a63701d504b21309cca5938f81633dcd07f1c6aba40afa722e04528693720d0a6bec1827b663fcc1d2136aede1c1
Score

9^/10
- Writes file to system bin folder
- Write file to user bin folder
- Reads runtime system information
  Reads data from /proc virtual filesystem.
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3