mrblack | ea096e487a5853558cc9f00936a167a915e97375c4892fe8111252da61d7cfbf | Triage

Sharing

General

Target

ea096e487a5853558cc9f00936a167a915e97375c4892fe8111252da61d7cfbf
Size

1.1MB
Sample

220218-g5r7xacebm
MD5

df76bc434765108eecd8cbfb6a8bde76
SHA1

566a6dd2fd0b0352b7b0867ac72817f9a66fda1c
SHA256

ea096e487a5853558cc9f00936a167a915e97375c4892fe8111252da61d7cfbf
SHA512

8e809ab6686de36c0d670aa5217f346377e4074dc49cb802702ab643fba20b325bc65da0961be6e4b98a237f84f59074953b1b34f7fc60bf0db391661803158d

Score

10^/10

mrblack linux

Malware Config

Targets

- Target
  
  ea096e487a5853558cc9f00936a167a915e97375c4892fe8111252da61d7cfbf
- Size
  
  1.1MB
- MD5
  
  df76bc434765108eecd8cbfb6a8bde76
- SHA1
  
  566a6dd2fd0b0352b7b0867ac72817f9a66fda1c
- SHA256
  
  ea096e487a5853558cc9f00936a167a915e97375c4892fe8111252da61d7cfbf
- SHA512
  
  8e809ab6686de36c0d670aa5217f346377e4074dc49cb802702ab643fba20b325bc65da0961be6e4b98a237f84f59074953b1b34f7fc60bf0db391661803158d
Score

7^/10
- Write file to user bin folder
- Reads runtime system information
  Reads data from /proc virtual filesystem.
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1