General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241026-ak2saaxhjk

  • MD5

    3df6cb5ff090e440245622dc0e09e8fd

  • SHA1

    b6100bd16e49f19e01167c208a6c409c0f1e7138

  • SHA256

    8244109c86d283b906fe675baa7fccf53d3e46fa0b70226edfdd27733edf68d6

  • SHA512

    a2127f66a415e823a3c0339d1e57a88c438beeec8eb14f589847810b25c7e29a4df2342cebd5ff4dd7ed11a943ab71d220f4965f7bce0b556b5b4c557e422497

  • SSDEEP

    192:+LQ427N18wPP4/NT5HzCJ5p9N8wPk/NJHzCJ5uM:+LQ427N18wPPs5HzCJ5p9N8wP6HzCJ5j

Targets

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
