General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241025-rey8ms1bjg

  • MD5

    390e33e0590422d590976c782a981c2a

  • SHA1

    cf20852c1c3943fc0bfd5d68242f965891341bd8

  • SHA256

    3fb828b1aca1564509e1bf844b9e2d50bb044a56f0af019936b79beb600e982f

  • SHA512

    a6f0f50a822742e09604f5d5c5ca0ba52eb77c3a473129b310c737a9830cea91ec3ac30aa9b7034452e1be688f7b004dec028f84d14ffab4cef1c7b1520f335b

  • SSDEEP

    192:DqqP+8LP37Ef/N8o8A58k7MZ+HBB6lBj8A58kaqqP+237Ef/1IjBB6lB9:XLP37Ef/N8o8A58k7MZQBB6lBj8A58kl

Targets

    • Target

      bins.sh

    • Size

      10KB

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
