mrblack | b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe

Analysis

max time kernel
41s
max time network
42s
platform
ubuntu-22.04_amd64
resource
ubuntu2204-amd64-20240522.1-en
resource tags

arch:amd64arch:i386image:ubuntu2204-amd64-20240522.1-enkernel:5.15.0-105-genericlocale:en-usos:ubuntu-22.04-amd64system
submitted
26-06-2024 16:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe
Size

1.2MB
MD5

a011ae821ae822bade7ef4f396dcc20c
SHA1

dee10d43f35c7a8513f7e2180eada022152081be
SHA256

b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe
SHA512

14e3ff9968a4201f56d9b3e14441fa4ab47e3b400bc6d7a02577828d3675aa75810963fb23b8ba718505acd7f8b762124edbb98fb42f7d7ab6c79ea58264bea5
SSDEEP

24576:e845rGHu6gVJKG75oFpA0VWeX4r2y1q2rJp0:745vRVJKGtSA0VWeoau9p0

Score

10^/10

mrblack antivm botnet persistence trojan

Malware Config

Signatures

MrBlack Trojan
IoT botnet which infects routers to be used for DDoS attacks.
trojan botnet mrblack
MrBlack trojan 1 IoCs

Processes:

resource yara_rule

/usr/bin/bsd-port/getty family_mrblack
Executes dropped EXE 2 IoCs

Processes:

getty.sshd

ioc pid process

/usr/bin/bsd-port/getty 1593 getty
/usr/bin/.sshd 1617 .sshd
Modifies init.d 1 TTPs 2 IoCs
Adds/modifies system service, likely for persistence.
persistence

Boot or Logon Autostart Execution
T1547

Processes:

b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbegetty

description ioc process

File opened for modification /etc/init.d/DbSecuritySpt b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe
File opened for modification /etc/init.d/selinux getty
Reads system routing table 1 TTPs 2 IoCs
Gets active network interfaces from /proc virtual filesystem.

System Network Configuration Discovery
T1016

Processes:

gettyb7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe

description ioc process

File opened for reading /proc/net/route getty
File opened for reading /proc/net/route b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe

resource	yara_rule
/usr/bin/bsd-port/getty	family_mrblack

ioc	pid	process
/usr/bin/bsd-port/getty	1593	getty
/usr/bin/.sshd	1617	.sshd

description	ioc	process
File opened for modification	/etc/init.d/DbSecuritySpt	b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe
File opened for modification	/etc/init.d/selinux	getty

description	ioc	process
File opened for reading	/proc/net/route	getty
File opened for reading	/proc/net/route	b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe

Write file to user bin folder 1 TTPs 12 IoCs

Hijack Execution Flow

T1574

Processes:

cpcpcpgettyb7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbecpcpcpcpcp

description	ioc	process
File opened for modification	/usr/bin/.sshd	cp
File opened for modification	/usr/bin/dpkgd/ps	cp
File opened for modification	/usr/bin/ps	cp
File opened for modification	/usr/bin/bsd-port/conf.n	getty
File opened for modification	/usr/bin/bsd-port/getty.lock	b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe
File opened for modification	/usr/bin/bsd-port/getty.lock	getty
File opened for modification	/usr/bin/dpkgd/lsof	cp
File opened for modification	/usr/bin/dpkgd/ss	cp
File opened for modification	/usr/bin/lsof	cp
File opened for modification	/usr/bin/ss	cp
File opened for modification	/usr/bin/bsd-port/udevd.lock	b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe
File opened for modification	/usr/bin/bsd-port/getty	cp

Writes file to system bin folder 1 TTPs 3 IoCs

Hijack Execution Flow
T1574

Processes:

cpcpcp

description ioc process

File opened for modification /bin/lsof cp
File opened for modification /bin/ps cp
File opened for modification /bin/ss cp
Checks CPU configuration 1 TTPs 2 IoCs
Checks CPU information which indicate if the system is a virtual machine.
antivm

Virtualization/Sandbox Evasion
T1497

Processes:

gettyb7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe

description ioc process

File opened for reading /proc/cpuinfo getty
File opened for reading /proc/cpuinfo b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe

description	ioc	process
File opened for modification	/bin/lsof	cp
File opened for modification	/bin/ps	cp
File opened for modification	/bin/ss	cp

description	ioc	process
File opened for reading	/proc/cpuinfo	getty
File opened for reading	/proc/cpuinfo	b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe

Reads system network configuration 1 TTPs 6 IoCs

Uses contents of /proc filesystem to enumerate network settings.

System Network Configuration Discovery

T1016

Processes:

gettyb7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe

description	ioc	process
File opened for reading	/proc/net/dev	getty
File opened for reading	/proc/net/dev	b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe
File opened for reading	/proc/net/route	b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe
File opened for reading	/proc/net/arp	b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe
File opened for reading	/proc/net/route	getty
File opened for reading	/proc/net/arp	getty

Reads runtime system information 37 IoCs

Reads data from /proc virtual filesystem.

Processes:

b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbemkdirmkdirmkdircpgettycpmkdircpcpcpmkdirmkdirinsmodinsmodmkdircpmkdirmkdirmkdir.sshdcpmkdirmkdirmkdircpmkdircpcpmkdirmkdircpmkdir

description	ioc	process
File opened for reading	/proc/sys/kernel/version	b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe
File opened for reading	/proc/filesystems	mkdir
File opened for reading	/proc/filesystems	mkdir
File opened for reading	/proc/filesystems	mkdir
File opened for reading	/proc/filesystems	cp
File opened for reading	/proc/meminfo	getty
File opened for reading	/proc/filesystems	cp
File opened for reading	/proc/filesystems	mkdir
File opened for reading	/proc/filesystems	cp
File opened for reading	/proc/stat	b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe
File opened for reading	/proc/sys/kernel/version	getty
File opened for reading	/proc/filesystems	cp
File opened for reading	/proc/filesystems	cp
File opened for reading	/proc/filesystems	mkdir
File opened for reading	/proc/filesystems	mkdir
File opened for reading	/proc/cmdline	insmod
File opened for reading	/proc/cmdline	insmod
File opened for reading	/proc/filesystems	mkdir
File opened for reading	/proc/filesystems	cp
File opened for reading	/proc/filesystems	mkdir
File opened for reading	/proc/filesystems	mkdir
File opened for reading	/proc/filesystems	mkdir
File opened for reading	/proc/sys/kernel/version	.sshd
File opened for reading	/proc/filesystems	cp
File opened for reading	/proc/stat	getty
File opened for reading	/proc/filesystems	mkdir
File opened for reading	/proc/filesystems	mkdir
File opened for reading	/proc/filesystems	mkdir
File opened for reading	/proc/filesystems	cp
File opened for reading	/proc/filesystems	mkdir
File opened for reading	/proc/filesystems	cp
File opened for reading	/proc/filesystems	cp
File opened for reading	/proc/filesystems	mkdir
File opened for reading	/proc/filesystems	mkdir
File opened for reading	/proc/filesystems	cp
File opened for reading	/proc/filesystems	mkdir
File opened for reading	/proc/meminfo	b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe

Writes file to tmp directory 7 IoCs

Malware often drops required files in the /tmp directory.

Processes:

b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe.sshd

description	ioc	process
File opened for modification	/tmp/moni.lod	b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe
File opened for modification	/tmp/bill.lock	b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe
File opened for modification	/tmp/gates.lod	b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe
File opened for modification	/tmp/notify.file	b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe
File opened for modification	/tmp/moni.lod	.sshd
File opened for modification	/tmp/notify.file	.sshd
File opened for modification	/tmp/conf.n	b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe

/tmp/b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe
/tmp/b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe
1⤵
- Modifies init.d
- Reads system routing table
- Write file to user bin folder
- Checks CPU configuration
- Reads system network configuration
- Reads runtime system information
- Writes file to tmp directory
PID:1563

/bin/sh
sh -c "ln -s /etc/init.d/DbSecuritySpt /etc/rc1.d/S97DbSecuritySpt"
2⤵
PID:1575

/usr/bin/ln
ln -s /etc/init.d/DbSecuritySpt /etc/rc1.d/S97DbSecuritySpt
3⤵
PID:1576

/bin/sh
sh -c "ln -s /etc/init.d/DbSecuritySpt /etc/rc2.d/S97DbSecuritySpt"
2⤵
PID:1577

/usr/bin/ln
ln -s /etc/init.d/DbSecuritySpt /etc/rc2.d/S97DbSecuritySpt
3⤵
PID:1578

/bin/sh
sh -c "ln -s /etc/init.d/DbSecuritySpt /etc/rc3.d/S97DbSecuritySpt"
2⤵
PID:1579

/usr/bin/ln
ln -s /etc/init.d/DbSecuritySpt /etc/rc3.d/S97DbSecuritySpt
3⤵
PID:1580

/bin/sh
sh -c "ln -s /etc/init.d/DbSecuritySpt /etc/rc4.d/S97DbSecuritySpt"
2⤵
PID:1581

/usr/bin/ln
ln -s /etc/init.d/DbSecuritySpt /etc/rc4.d/S97DbSecuritySpt
3⤵
PID:1582

/bin/sh
sh -c "ln -s /etc/init.d/DbSecuritySpt /etc/rc5.d/S97DbSecuritySpt"
2⤵
PID:1583

/usr/bin/ln
ln -s /etc/init.d/DbSecuritySpt /etc/rc5.d/S97DbSecuritySpt
3⤵
PID:1584

/bin/sh
sh -c "mkdir -p /usr/bin/bsd-port"
2⤵
PID:1585

/usr/bin/mkdir
mkdir -p /usr/bin/bsd-port
3⤵
- Reads runtime system information
PID:1586

/bin/sh
sh -c "mkdir -p /usr/bin/bsd-port"
2⤵
PID:1587

/usr/bin/mkdir
mkdir -p /usr/bin/bsd-port
3⤵
- Reads runtime system information
PID:1588

/bin/sh
sh -c "cp -f /tmp/b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe /usr/bin/bsd-port/getty"
2⤵
PID:1589

/usr/bin/cp
cp -f /tmp/b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe /usr/bin/bsd-port/getty
3⤵
- Write file to user bin folder
- Reads runtime system information
PID:1590

/bin/sh
sh -c /usr/bin/bsd-port/getty
2⤵
PID:1592

/usr/bin/bsd-port/getty
/usr/bin/bsd-port/getty
3⤵
- Executes dropped EXE
- Modifies init.d
- Reads system routing table
- Write file to user bin folder
- Checks CPU configuration
- Reads system network configuration
- Reads runtime system information
PID:1593

/bin/sh
sh -c "ln -s /etc/init.d/selinux /etc/rc1.d/S99selinux"
4⤵
PID:1601

/usr/bin/ln
ln -s /etc/init.d/selinux /etc/rc1.d/S99selinux
5⤵
PID:1602

/bin/sh
sh -c "ln -s /etc/init.d/selinux /etc/rc2.d/S99selinux"
4⤵
PID:1603

/usr/bin/ln
ln -s /etc/init.d/selinux /etc/rc2.d/S99selinux
5⤵
PID:1604

/bin/sh
sh -c "ln -s /etc/init.d/selinux /etc/rc3.d/S99selinux"
4⤵
PID:1605

/usr/bin/ln
ln -s /etc/init.d/selinux /etc/rc3.d/S99selinux
5⤵
PID:1606

/bin/sh
sh -c "ln -s /etc/init.d/selinux /etc/rc4.d/S99selinux"
4⤵
PID:1607

/usr/bin/ln
ln -s /etc/init.d/selinux /etc/rc4.d/S99selinux
5⤵
PID:1608

/bin/sh
sh -c "ln -s /etc/init.d/selinux /etc/rc5.d/S99selinux"
4⤵
PID:1609

/usr/bin/ln
ln -s /etc/init.d/selinux /etc/rc5.d/S99selinux
5⤵
PID:1610

/bin/sh
sh -c "mkdir -p /usr/bin/dpkgd"
4⤵
PID:1611

/usr/bin/mkdir
mkdir -p /usr/bin/dpkgd
5⤵
- Reads runtime system information
PID:1612

/bin/sh
sh -c "cp -f /bin/lsof /usr/bin/dpkgd/lsof"
4⤵
PID:1613

/usr/bin/cp
cp -f /bin/lsof /usr/bin/dpkgd/lsof
5⤵
- Write file to user bin folder
- Reads runtime system information
PID:1614

/bin/sh
sh -c "mkdir -p /bin"
4⤵
PID:1618

/usr/bin/mkdir
mkdir -p /bin
5⤵
- Reads runtime system information
PID:1619

/bin/sh
sh -c "mkdir -p /bin"
4⤵
PID:1620

/usr/bin/mkdir
mkdir -p /bin
5⤵
- Reads runtime system information
PID:1621

/bin/sh
sh -c "cp -f /usr/bin/bsd-port/getty /bin/lsof"
4⤵
PID:1622

/usr/bin/cp
cp -f /usr/bin/bsd-port/getty /bin/lsof
5⤵
- Writes file to system bin folder
- Reads runtime system information
PID:1623

/bin/sh
sh -c "chmod 0755 /bin/lsof"
4⤵
PID:1624

/usr/bin/chmod
chmod 0755 /bin/lsof
5⤵
PID:1625

/bin/sh
sh -c "cp -f /bin/ps /usr/bin/dpkgd/ps"
4⤵
PID:1626

/usr/bin/cp
cp -f /bin/ps /usr/bin/dpkgd/ps
5⤵
- Write file to user bin folder
- Reads runtime system information
PID:1627

/bin/sh
sh -c "mkdir -p /bin"
4⤵
PID:1628

/usr/bin/mkdir
mkdir -p /bin
5⤵
- Reads runtime system information
PID:1629

/bin/sh
sh -c "mkdir -p /bin"
4⤵
PID:1630

/usr/bin/mkdir
mkdir -p /bin
5⤵
- Reads runtime system information
PID:1631

/bin/sh
sh -c "cp -f /usr/bin/bsd-port/getty /bin/ps"
4⤵
PID:1632

/usr/bin/cp
cp -f /usr/bin/bsd-port/getty /bin/ps
5⤵
- Writes file to system bin folder
- Reads runtime system information
PID:1633

/bin/sh
sh -c "chmod 0755 /bin/ps"
4⤵
PID:1634

/usr/bin/chmod
chmod 0755 /bin/ps
5⤵
PID:1635

/bin/sh
sh -c "cp -f /bin/ss /usr/bin/dpkgd/ss"
4⤵
PID:1636

/usr/bin/cp
cp -f /bin/ss /usr/bin/dpkgd/ss
5⤵
- Write file to user bin folder
- Reads runtime system information
PID:1637

/bin/sh
sh -c "mkdir -p /bin"
4⤵
PID:1638

/usr/bin/mkdir
mkdir -p /bin
5⤵
- Reads runtime system information
PID:1639

/bin/sh
sh -c "mkdir -p /bin"
4⤵
PID:1640

/usr/bin/mkdir
mkdir -p /bin
5⤵
- Reads runtime system information
PID:1641

/bin/sh
sh -c "cp -f /usr/bin/bsd-port/getty /bin/ss"
4⤵
PID:1642

/usr/bin/cp
cp -f /usr/bin/bsd-port/getty /bin/ss
5⤵
- Writes file to system bin folder
- Reads runtime system information
PID:1643

/bin/sh
sh -c "chmod 0755 /bin/ss"
4⤵
PID:1644

/usr/bin/chmod
chmod 0755 /bin/ss
5⤵
PID:1645

/bin/sh
sh -c "mkdir -p /usr/bin"
4⤵
PID:1646

/usr/bin/mkdir
mkdir -p /usr/bin
5⤵
- Reads runtime system information
PID:1647

/bin/sh
sh -c "mkdir -p /usr/bin"
4⤵
PID:1648

/usr/bin/mkdir
mkdir -p /usr/bin
5⤵
- Reads runtime system information
PID:1649

/bin/sh
sh -c "cp -f /usr/bin/bsd-port/getty /usr/bin/lsof"
4⤵
PID:1650

/usr/bin/cp
cp -f /usr/bin/bsd-port/getty /usr/bin/lsof
5⤵
- Write file to user bin folder
- Reads runtime system information
PID:1651

/bin/sh
sh -c "chmod 0755 /usr/bin/lsof"
4⤵
PID:1652

/usr/bin/chmod
chmod 0755 /usr/bin/lsof
5⤵
PID:1653

/bin/sh
sh -c "mkdir -p /usr/bin"
4⤵
PID:1654

/usr/bin/mkdir
mkdir -p /usr/bin
5⤵
- Reads runtime system information
PID:1655

/bin/sh
sh -c "mkdir -p /usr/bin"
4⤵
PID:1656

/usr/bin/mkdir
mkdir -p /usr/bin
5⤵
- Reads runtime system information
PID:1657

/bin/sh
sh -c "cp -f /usr/bin/bsd-port/getty /usr/bin/ps"
4⤵
PID:1658

/usr/bin/cp
cp -f /usr/bin/bsd-port/getty /usr/bin/ps
5⤵
- Write file to user bin folder
- Reads runtime system information
PID:1659

/bin/sh
sh -c "chmod 0755 /usr/bin/ps"
4⤵
PID:1660

/usr/bin/chmod
chmod 0755 /usr/bin/ps
5⤵
PID:1661

/bin/sh
sh -c "mkdir -p /usr/bin"
4⤵
PID:1662

/usr/bin/mkdir
mkdir -p /usr/bin
5⤵
- Reads runtime system information
PID:1663

/bin/sh
sh -c "mkdir -p /usr/bin"
4⤵
PID:1664

/usr/bin/mkdir
mkdir -p /usr/bin
5⤵
- Reads runtime system information
PID:1665

/bin/sh
sh -c "cp -f /usr/bin/bsd-port/getty /usr/bin/ss"
4⤵
PID:1666

/usr/bin/cp
cp -f /usr/bin/bsd-port/getty /usr/bin/ss
5⤵
- Write file to user bin folder
- Reads runtime system information
PID:1667

/bin/sh
sh -c "chmod 0755 /usr/bin/ss"
4⤵
PID:1668

/usr/bin/chmod
chmod 0755 /usr/bin/ss
5⤵
PID:1669

/bin/sh
sh -c "insmod /usr/bin/bsd-port/xpacket.ko"
4⤵
PID:1682

/usr/sbin/insmod
insmod /usr/bin/bsd-port/xpacket.ko
5⤵
- Reads runtime system information
PID:1683

/bin/sh
sh -c "mkdir -p /usr/bin"
2⤵
PID:1595

/usr/bin/mkdir
mkdir -p /usr/bin
3⤵
- Reads runtime system information
PID:1596

/bin/sh
sh -c "mkdir -p /usr/bin"
2⤵
PID:1597

/usr/bin/mkdir
mkdir -p /usr/bin
3⤵
- Reads runtime system information
PID:1598

/bin/sh
sh -c "cp -f /tmp/b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe /usr/bin/.sshd"
2⤵
PID:1599

/usr/bin/cp
cp -f /tmp/b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe /usr/bin/.sshd
3⤵
- Write file to user bin folder
- Reads runtime system information
PID:1600

/bin/sh
sh -c /usr/bin/.sshd
2⤵
PID:1616

/usr/bin/.sshd
/usr/bin/.sshd
3⤵
- Executes dropped EXE
- Reads runtime system information
- Writes file to tmp directory
PID:1617

/bin/sh
sh -c "insmod /tmp/xpacket.ko"
2⤵
PID:1684

/usr/sbin/insmod
insmod /tmp/xpacket.ko
3⤵
- Reads runtime system information
PID:1685

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

/etc/init.d/DbSecuritySpt
Filesize
82B

MD5
4e1b59ecaba7aec367ecca3166e70fec

SHA1
1f0e661c74a5f263038033a4e0a8b449244cf22b

SHA256
88f4278f98f1e7dd75321b2cf68d969e2b94961c911c6048f439ec49026bdebb

SHA512
0d143b8fb1766b4ecf034225e794f42f931d363ffd3a8a1f6db29819a1aa7dab65f6490883333d233d8031a1ff5d96a600e3e035e86efcea485be5ad354329b1

Download Submit
/etc/init.d/selinux
Filesize
36B

MD5
993cc15058142d96c3daf7852c3d5ee8

SHA1
0950b8b391b04dd3895ea33cd3141543ebd2525d

SHA256
8171d077918611803d93088409f220c66fae1c670b297e1aa5d8cbd548ce9208

SHA512
0c4256c00a3710f97e92581b552682b36b62afc35fe72622c491323c618c19ea62611ac04ccafc3dfcde2254a2ebbd93b69b66795b16e36332293bed83adb928

Download Submit
/tmp/conf.n
Filesize
73B

MD5
6c16a265e898152cab0d8f691982fe38

SHA1
89bd13bf7006c3ad2662217463bca57df549d844

SHA256
b93b44a01b890bc475a5bd3e14e6044cb5e3b339cd5b4267a124e326a494f0f1

SHA512
966a1ab59b16a3b98c68d8c6777d977f454dab853eff2272781379be2aa0cdc09c28c7556eaeda59730630a173dd72cfb9789197069060219e1ef7c3ebae865d

Download Submit
/tmp/gates.lod
Filesize
4B

MD5
facf9f743b083008a894eee7baa16469

SHA1
fe286d02f80118de47f2226c2fce9f7be0bc04f0

SHA256
2163909115c0f6f1e638bd2c2279387cbe37cc327150a7b5cddfde3d1cd4ef0e

SHA512
7bd3d1d347d68f23d612a3ec7a1d2f4094874162441bae20122876ea980bbb76a3c46d5d2e393975ea0659fb2b58046a311d7660f226482a57a74e9ffd9b0f36

Download Submit
/tmp/moni.lod
Filesize
4B

MD5
148510031349642de5ca0c544f31b2ef

SHA1
77414e9365b4fa9ec8273893dd82c95a64dc4278

SHA256
f8646a257c0c4273b72c83c5d563ba1acda190626677d3cb89dc748e00182315

SHA512
d8e4328915ce1a8f714dd6190f6cc6a6cb72b0acebf66596fef3aa56facc5a87c97e477a15860e9c561af0150f9592e37dbfa75ae046346c847888e5a2c39301

Download Submit
/tmp/notify.file
Filesize
69B

MD5
c726546814e8a3c06bddf4417585d127

SHA1
59dcd57473d230428b86a3ca0a5514877910ae6a

SHA256
c8a987df4990d2b05f19b9a597fcf640375aaba1e9b7fae2ce3cda09670998ae

SHA512
4c5c537bec2b3c84b609fa76f1c093b9ad6abb456ee10c339cdab2342a60e9a9fa9cb7a3bdd5219f529b572896e868ccd8b824efb8496a564537ff8f40f2db5a

Download Submit
/usr/bin/bsd-port/getty
Filesize
1.2MB

MD5
a011ae821ae822bade7ef4f396dcc20c

SHA1
dee10d43f35c7a8513f7e2180eada022152081be

SHA256
b7596ec8533098af77fd3b2915f102ed3286c437140cc49ba60fbad80b466cbe

SHA512
14e3ff9968a4201f56d9b3e14441fa4ab47e3b400bc6d7a02577828d3675aa75810963fb23b8ba718505acd7f8b762124edbb98fb42f7d7ab6c79ea58264bea5

Download Submit
/usr/bin/dpkgd/lsof
Filesize
163KB

MD5
ab57b66cc531ae0f996963223e632b60

SHA1
bf7e5becd33f21c2539f5a75ffa0ab61c49c8795

SHA256
2484863a7bfda7f97b90bfd5dfceed4ec9f27dd51f9c5158c8daabbf4309b1df

SHA512
908acef13f3c1d80b7169ec3b16bb67006013453348fff75550bc3c6c2137e798b21d7990edbd5be63d756d9c41b06160aebf38aa80547e4bafa3a62596057f6

Download Submit
/usr/bin/dpkgd/ps
Filesize
138KB

MD5
8146139c2ad7e550b1d1f49480997446

SHA1
074db8890c3227bd8a588417f5b9bde637bcf3af

SHA256
207df9d438f75185ab3af2ab1173d104831a6631c28ef40d38b2ab43de27b40f

SHA512
b6d71d537f593b9af833e6f798e412e95fc486a313414ed8cca9639f61be7ac9dca700e9f861c0d07c7f65b3783127a67f829f422472cad8938ba01d397ab9de

Download Submit
/usr/bin/dpkgd/ss
Filesize
125KB

MD5
1b25ac945efae8520ba112b500e2d561

SHA1
8324c4d1d1427829266e82f203386232ff82af15

SHA256
5eb16d9a8bc81fe767725874e3f67623b8e86b46ec93546be49c5b09d3ab4636

SHA512
e191f967170ea4844f736c5ab75b7bf45fef3af34f0a4bef0d36475d646b0b089449fe39806664b9f6ce1984037687930cc368892230662c8c30f67fa3ac216e

Download Submit