mrblack | 29f2a7e4500ae2f34dd7b62d6616e2de3ca89d5c87b1e76184f2e4ab52e002f5 | Triage

Submit
Reports

Overview

overview

Static

static

490eb7a7e1...206ab9

ubuntu-24.04-amd64

7

Sharing

General

Target

490eb7a7e1e1ed361801e18128206ab9
Size

1.2MB
Sample

241018-jr19rsybll
MD5

490eb7a7e1e1ed361801e18128206ab9
SHA1

ed40d1d0313b032b5cf12ed43fbf01e3d4a83bbe
SHA256

29f2a7e4500ae2f34dd7b62d6616e2de3ca89d5c87b1e76184f2e4ab52e002f5
SHA512

605fc001e7cc8cfe1346e9e0cd2ad544b0834d49b3023d4ab58bf574d53cc52ce5d0e853a8e4acadffd948bed1f7ec936cf919a714a2fa91e163d546325d8fd8
SSDEEP

24576:e845rGHu6gVJKG75oFpA0VWeX462y1q2rJp0:745vRVJKGtSA0VWeo5u9p0

Score

10^/10

mrblack defense_evasion discovery linux persistence rootkit

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

490eb7a7e1e1ed361801e18128206ab9

Resource

ubuntu2404-amd64-20240523-en

defense_evasion discovery persistence rootkit

ubuntu-24.04-amd64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  490eb7a7e1e1ed361801e18128206ab9
- Size
  
  1.2MB
- MD5
  
  490eb7a7e1e1ed361801e18128206ab9
- SHA1
  
  ed40d1d0313b032b5cf12ed43fbf01e3d4a83bbe
- SHA256
  
  29f2a7e4500ae2f34dd7b62d6616e2de3ca89d5c87b1e76184f2e4ab52e002f5
- SHA512
  
  605fc001e7cc8cfe1346e9e0cd2ad544b0834d49b3023d4ab58bf574d53cc52ce5d0e853a8e4acadffd948bed1f7ec936cf919a714a2fa91e163d546325d8fd8
- SSDEEP
  
  24576:e845rGHu6gVJKG75oFpA0VWeX462y1q2rJp0:745vRVJKGtSA0VWeo5u9p0
Score

7^/10

defense_evasion discovery persistence rootkit
- File and Directory Permissions Modification
  Adversaries may modify file or directory permissions to evade defenses.
  defense_evasion
- Executes dropped EXE
- Loads a kernel module
  Loads a Linux kernel module, potentially to achieve persistence
  rootkit
- Write file to user bin folder
  persistence
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Linux and Mac File and Directory Permissions Modification

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoverypersistencerootkit

© 2018-2024

Terms | Privacy