General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241025-rv9z3s1cpe

  • MD5

    8a4ed338fed097c0180116fbca57b245

  • SHA1

    ea424e32e9159fbc4867904b838db5dcb8301814

  • SHA256

    c77a7c93a06387f93ae43acf0c5a25935b198c1b1877625be1e0671e0476ad00

  • SHA512

    32b8296be820deed8a609c9af4f99162c58d679d0421a224e91a8968070a1c80281267226bd5f4a75cf45dbe99439cdb1834b5c1fb63ebc47d67053ee9ab49c0

  • SSDEEP

    192:1yyP+8TXPjEf/NeQk458krihO/ZZ6lBvk458koyyP+GPjEf/rwbZZ6lB9:XTXPjEf/NeQk458krihaZZ6lBvk458kV

Targets

    • Target

      bins.sh

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

MITRE ATT&CK Enterprise v15
