mrblack | 2f4163b6a30d738f619513cdcc8ee40056eeef9244455225d629a0fc2c58638a | Triage

Sharing

General

Target

52ee1db0410a334aaacb401316f45046
Size

1.2MB
Sample

210903-s9x5hagefl
MD5

52ee1db0410a334aaacb401316f45046
SHA1

132de5ace5e4be71d66fcbb8ee60153e919679e5
SHA256

2f4163b6a30d738f619513cdcc8ee40056eeef9244455225d629a0fc2c58638a
SHA512

2f07c338d180e6c8e687f0977a684a046951b4592aac0c362ccc0ecadbac30b6925c189e91e28fb3af0edd93cb62d2ef75b1d4d548e19b7988de89b0f569d6af

Score

10^/10

mrblack linux

Malware Config

Targets

- Target
  
  52ee1db0410a334aaacb401316f45046
- Size
  
  1.2MB
- MD5
  
  52ee1db0410a334aaacb401316f45046
- SHA1
  
  132de5ace5e4be71d66fcbb8ee60153e919679e5
- SHA256
  
  2f4163b6a30d738f619513cdcc8ee40056eeef9244455225d629a0fc2c58638a
- SHA512
  
  2f07c338d180e6c8e687f0977a684a046951b4592aac0c362ccc0ecadbac30b6925c189e91e28fb3af0edd93cb62d2ef75b1d4d548e19b7988de89b0f569d6af
Score

9^/10
- Writes file to system bin folder
- Write file to user bin folder
- Reads runtime system information
  Reads data from /proc virtual filesystem.
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3