General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241025-zkvfms1rgk

  • MD5

    6622899f016cb721bf50c5a628a8bae6

  • SHA1

    7440d8be95fca63b46eb93fafc394aba88eb28ff

  • SHA256

    23338334204b2681e35beda87fffbda32911be27c06b41025c105407e1b4008b

  • SHA512

    f1bcaa75ac0a0f1ff3db3f24cc9a071eb620e1b08940505046d3d63ab01e93a7dab38179cf6ca6b74d5321fad30644b64c981042eb4cd84f56dfc794965fa83c

  • SSDEEP

    192:/6oYAwq2ZoEW1txaP3Zl1oYAwq2QtxaP3L0:/hKoEW1txaP3ZlYHtxaP3L0

Targets

    • Target

      bins.sh

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
