General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241025-2c27maxalm

  • MD5

    2fb03a59bc89969794a79138333dfa98

  • SHA1

    67a310cd7bb6ea12ddc0ebdefb8f020452f43e6e

  • SHA256

    a38c216414a4c0cb0155d1c9f630deeac35f609492b1a3bb781778c5ee2244be

  • SHA512

    aec0167393e5c70c0ca8ab6e057baafe306bfbb3b382dc9cfa77a5b1760e42e42668b5e790c357784c70f21ee206dae7bb2a23a8338bfe211df9a1d3ab288e17

  • SSDEEP

    192:pEO+ncQECFCRCqCTCbCMlH+Rf3I1FD2L7GRNBf3I1FDuL7GRNNCFCRCqCTCbCqOP:pEO+ncQClH+Rf3I1x2L7GRNBf3I1xuLN

Targets

    • Target

      bins.sh

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

MITRE ATT&CK Enterprise v15
