General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241025-rhtsbs1bmb

  • MD5

    45ae71f0652941d7bf814771748520ea

  • SHA1

    e8b37887a0ca197ad2d33655b1decdc78508d10f

  • SHA256

    c27241454844c87c589427369a4064a38717228e4faf0dab9d1eaf5ffc2d381d

  • SHA512

    6a667c6833bd217f714f47c800f56823c954a461c1ca095dd07e0083620a8c370d059f9485ea6efda924af612df06140ac9d3065254130be61dcc8cbb55eb9ae

  • SSDEEP

    192:PooP+8tJBVEf/N0qOy58k3GPiFnn6lBfOy58kGooP+OBVEf/vSRnn6lB9:VtJBVEf/N0qOy58k3GP8nn6lBfOy58kn

Malware Config

Targets

    • Target

      bins.sh

    • Size

      10KB

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

MITRE ATT&CK Enterprise v15
