mrblack | 489566ae52ff7d91debde176382bc81523bad6bad4b8d1f814576e932d498907 | Triage

Submit
Reports

Overview

overview

Static

static

489566ae52...498907

ubuntu-24.04-amd64

7

Sharing

General

Target

489566ae52ff7d91debde176382bc81523bad6bad4b8d1f814576e932d498907
Size

1.2MB
Sample

241125-w95fcszqft
MD5

db0533432eb1071c80086e843a2010ec
SHA1

f77840fb1fe66b251b8327544bd52f9dd55b32cc
SHA256

489566ae52ff7d91debde176382bc81523bad6bad4b8d1f814576e932d498907
SHA512

58690d8d6f99f6b30f199b9ec7ce6ee2ec210992fe2b6f159d4c7c45baba772c717d9b771e033b1a65c9ea0a4d66cf10c7d70a783d964fc837d8c556793099e8
SSDEEP

24576:e845rGHu6gVJKG75oFpA0VWeX4F2y1q2rJp0:745vRVJKGtSA0VWeosu9p0

Score

10^/10

mrblack defense_evasion discovery linux persistence rootkit

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

489566ae52ff7d91debde176382bc81523bad6bad4b8d1f814576e932d498907

Resource

ubuntu2404-amd64-20240523-en

defense_evasion discovery persistence rootkit

ubuntu-24.04-amd64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  489566ae52ff7d91debde176382bc81523bad6bad4b8d1f814576e932d498907
- Size
  
  1.2MB
- MD5
  
  db0533432eb1071c80086e843a2010ec
- SHA1
  
  f77840fb1fe66b251b8327544bd52f9dd55b32cc
- SHA256
  
  489566ae52ff7d91debde176382bc81523bad6bad4b8d1f814576e932d498907
- SHA512
  
  58690d8d6f99f6b30f199b9ec7ce6ee2ec210992fe2b6f159d4c7c45baba772c717d9b771e033b1a65c9ea0a4d66cf10c7d70a783d964fc837d8c556793099e8
- SSDEEP
  
  24576:e845rGHu6gVJKG75oFpA0VWeX4F2y1q2rJp0:745vRVJKGtSA0VWeosu9p0
Score

7^/10

defense_evasion discovery persistence rootkit
- File and Directory Permissions Modification
  Adversaries may modify file or directory permissions to evade defenses.
  defense_evasion
- Executes dropped EXE
- Loads a kernel module
  Loads a Linux kernel module, potentially to achieve persistence
  rootkit
- Write file to user bin folder
  persistence
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Linux and Mac File and Directory Permissions Modification

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoverypersistencerootkit

© 2018-2025

Terms | Privacy