General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241025-xh2qts1kdv

  • MD5

    fce3a6b29ced4ef8426970d985e3a113

  • SHA1

    ad51aac276d9bca226d31ef76e85a143bd0427c6

  • SHA256

    dfdf37b43a305130f4ef010a97881cbef924ab8e0c6947b2ea77b6af14c42f5d

  • SHA512

    e4796bc153a558602c2fd5df97f9694a7376d5f882ef112139d701d6f56cb5dcd1f1a6340062501e932a7402788ece59f71bf34f607e2f242c663c1d13173745

  • SSDEEP

    192:ocIhQoyqg4tixUuwaSWpii9afwmCSeMOoSWpiiXcIhQolg4tixUiJ:ocIhQoyAaSWpii9afwmCSeMOoSWpiiXa

Malware Config

Targets

    • Target

      bins.sh

    • Size

      10KB

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

MITRE ATT&CK Enterprise v15

Tasks