Overview

overview

7

Static

static

1

na.sh

ubuntu-18.04-amd64

3

na.sh

debian-9-armhf

4

na.sh

debian-9-mips

7

na.sh

debian-9-mipsel

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    na.sh

  • Size

    10KB

  • Sample

    241012-k7bjqaxgkl

  • MD5

    80ca2243b51809222dd1938f66349602

  • SHA1

    a1e33e500455fbad3df4f3cdeaae6056e31250cf

  • SHA256

    a0020c4066c9a263f126b68c038b741cdb5970377b329fe262b1b236b9c3c487

  • SHA512

    fc94076f83ce185f24fae1674f1511955469bcc098ddb027c147bfac15edd75acef8d47a1436422a1deaa56114810df4df732ab1b8cb06644e73dffb080ba947

  • SSDEEP

    192:XzfixZta/3sONFkXDqbb85rJiIIdOis8xbb854IIdOiFG/3SzfixZINFkXDU:61RJiIIdOisOIIdOif

Score
7/10
antivmdefense_evasiondiscoveryexecutionlinuxpersistenceprivilege_escalatio

Malware Config

Targets

    • Target

      na.sh

    • Size

      10KB

    • MD5

      80ca2243b51809222dd1938f66349602

    • SHA1

      a1e33e500455fbad3df4f3cdeaae6056e31250cf

    • SHA256

      a0020c4066c9a263f126b68c038b741cdb5970377b329fe262b1b236b9c3c487

    • SHA512

      fc94076f83ce185f24fae1674f1511955469bcc098ddb027c147bfac15edd75acef8d47a1436422a1deaa56114810df4df732ab1b8cb06644e73dffb080ba947

    • SSDEEP

      192:XzfixZta/3sONFkXDqbb85rJiIIdOis8xbb854IIdOiFG/3SzfixZINFkXDU:61RJiIIdOisOIIdOif

    Score
    7/10
    discoveryantivmdefense_evasionexecutionpersistenceprivilege_escalatio

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

      defense_evasion

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

      executionpersistenceprivilege_escalatio

    • Enumerates running processes

      Discovers information about currently running processes on the system

    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks