General

  • Target

    miori.x86

  • Size

    45KB

  • Sample

    220808-y8d8wshgb5

  • MD5

    213274ab177802d9a4b395044c5dcc47

  • SHA1

    42bbc51340fbabf426c65d6314d863d40d1ec81b

  • SHA256

    a9fd235bfac3c9324f3d255dbd45ca664d27bf9e43ef68fece2241087e27c818

  • SHA512

    37509f174d1127ea84b156078b2e7a33d09263059fd083c7cb8355edd331c4251ec97307d3d55ae5b561ca66b83ac7c9638b53f8f8bfeb411b1709c0d62d91fc

Score
9/10

Malware Config

Targets

    • Target

      miori.x86

    • Size

      45KB

    • MD5

      213274ab177802d9a4b395044c5dcc47

    • SHA1

      42bbc51340fbabf426c65d6314d863d40d1ec81b

    • SHA256

      a9fd235bfac3c9324f3d255dbd45ca664d27bf9e43ef68fece2241087e27c818

    • SHA512

      37509f174d1127ea84b156078b2e7a33d09263059fd083c7cb8355edd331c4251ec97307d3d55ae5b561ca66b83ac7c9638b53f8f8bfeb411b1709c0d62d91fc

    Score
    9/10
    • Writes file to system bin folder

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Reads runtime system information

      Reads data from /proc virtual filesystem.

    • Writes file to tmp directory

      Malware often drops required files in the /tmp directory.

MITRE ATT&CK Matrix

Collection

    Command and Control

      Credential Access

        Defense Evasion

          Discovery

            Execution

              Exfiltration

                Impact

                  Initial Access

                    Lateral Movement

                      Persistence

                      Privilege Escalation