General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241026-a47smsybjr

  • MD5

    ba2006cf9ab7cecd3041881ac4b97c05

  • SHA1

    94710518bbc6c65c60bbde8bd5da50e0d9916218

  • SHA256

    016c801897aa869f8e2eb8311774c9a63cf6d69ee3095c14f753a4fff19e9580

  • SHA512

    a923231c090407b72e8140932d79642c88f41ea5f2697b4007a97c7e017629c4b39d0d6fd950ff4ffa3d43c9ce1ea8c48209e4f03fad341510b0ce81aa398799

  • SSDEEP

    192:MLs8kpZxquPPmnNTlZ1CJ5x/jquPinNZZ1CJ58M:MLs8kpZxquPPilZ1CJ5x/jquPIZ1CJ5N

Targets

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

MITRE ATT&CK Enterprise v15
