fd603d13c31830805a880fbbd914e548d0e437aa3b805512c97b97d89cb310d3 | Triage

Sharing

General

Target

bins.sh
Size

10KB
Sample

241023-fx413avapn
MD5

dee52481d66a96706dfff98a1449ac4b
SHA1

6d3411ca5a408ce08ab71cb7dbf10701489af88d
SHA256

fd603d13c31830805a880fbbd914e548d0e437aa3b805512c97b97d89cb310d3
SHA512

1ebffeb079e49e4a2640cc01dc9e2c70dc856c86a4a9a5662fa3fc7f17b5b9ef639813a41b0250dc1057172fe8939bf23f6f1f124a8b288ba4de9a0d53d6db04
SSDEEP

192:uNbNbN2NHNTJtRtIFtVxegIht58GO8tHN1QBFLNbNbN2NHNTJ7RtIFtjxegIhtRr:uNbNbN2NHNTJtRtIFtOp8GO8t2NbNbNM

Score

7^/10

antivm defense_evasion discovery execution linux persistence privilege_escalatio

Malware Config

Targets

- Target
  
  bins.sh
- Size
  
  10KB
- MD5
  
  dee52481d66a96706dfff98a1449ac4b
- SHA1
  
  6d3411ca5a408ce08ab71cb7dbf10701489af88d
- SHA256
  
  fd603d13c31830805a880fbbd914e548d0e437aa3b805512c97b97d89cb310d3
- SHA512
  
  1ebffeb079e49e4a2640cc01dc9e2c70dc856c86a4a9a5662fa3fc7f17b5b9ef639813a41b0250dc1057172fe8939bf23f6f1f124a8b288ba4de9a0d53d6db04
- SSDEEP
  
  192:uNbNbN2NHNTJtRtIFtVxegIht58GO8tHN1QBFLNbNbN2NHNTJ7RtIFtjxegIhtRr:uNbNbN2NHNTJtRtIFtOp8GO8t2NbNbNM
Score

7^/10

defense_evasion discovery execution persistence privilege_escalatio antivm
- File and Directory Permissions Modification
  Adversaries may modify file or directory permissions to evade defenses.
  defense_evasion
- Executes dropped EXE
- Renames itself
- Creates/modifies Cron job
  Cron allows running tasks on a schedule, and is commonly used for malware persistence.
  execution persistence privilege_escalatio
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Cron

Persistence

Scheduled Task/Job

Cron

Privilege Escalation

Scheduled Task/Job

Cron

Defense Evasion

File and Directory Permissions Modification

Linux and Mac File and Directory Permissions Modification

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

Virtualization/Sandbox Evasion

System Checks

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoveryexecutionpersistenceprivilege_escalatio

behavioral2

antivmdefense_evasiondiscoveryexecutionpersistenceprivilege_escalatio

behavioral3

defense_evasiondiscoveryexecutionpersistenceprivilege_escalatio

behavioral4

defense_evasiondiscoveryexecutionpersistenceprivilege_escalatio