General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241025-zve4psvcmb

  • MD5

    50c4ba7797ee880e9ff915e06ca01787

  • SHA1

    14b613cb56406494af1e7dd648c1a7300c55d971

  • SHA256

    c4e0c84e4e7ae8d57a0394b4c4e8f1acbde06b4e90d462c9eb53007e0513570e

  • SHA512

    62ca568a43813d809ed3e38444689943a7bb93b22118cd4ec29a489b769e2f3b9046b7760f8db4e4770420e03835150af36e34716d5d75a98ef716adbf1879e1

  • SSDEEP

    192:JiyiAwq2DgEWrzHaP3/PPyiAwq2wzHaP3V0:JragEWrzHaP3/P0FzHaP3V0

Malware Config

Targets

    • Target

      bins.sh

    • Size

      10KB

    • MD5

      50c4ba7797ee880e9ff915e06ca01787

    • SHA1

      14b613cb56406494af1e7dd648c1a7300c55d971

    • SHA256

      c4e0c84e4e7ae8d57a0394b4c4e8f1acbde06b4e90d462c9eb53007e0513570e

    • SHA512

      62ca568a43813d809ed3e38444689943a7bb93b22118cd4ec29a489b769e2f3b9046b7760f8db4e4770420e03835150af36e34716d5d75a98ef716adbf1879e1

    • SSDEEP

      192:JiyiAwq2DgEWrzHaP3/PPyiAwq2wzHaP3V0:JragEWrzHaP3/P0FzHaP3V0

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system

MITRE ATT&CK Enterprise v15

Tasks