General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241025-l8g9bsxhlc

  • MD5

    299e3eee8ba97e2cce60a538791efb7a

  • SHA1

    049e623d59b101dc58897e17933fb5712e4b4aa3

  • SHA256

    8492ea26ebaa48bb2691eecf452262588208f2724eb655ba7a47fb167b749dd3

  • SHA512

    9c085ba3166b957035f9f6bae34dee87703754d2f838459dda154a30747bd0cd16976b6deea087c685f86a00419124c74fcba1884e9fab31054ab876afd2ab2d

  • SSDEEP

    192:DlaNzAg18AMYkrYQZW49k2WXAg18AGYkrYQZ1z:DlaNzAg18A0W49k2WXAg18AK1z

Targets

    • Target

      bins.sh

    • Size

      10KB

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
