General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241026-anxbzavkcx

  • MD5

    042ffe86b5c101dd20f3b7ff2486d06e

  • SHA1

    e82c66d03de4157b3df8d6d2539ff67ca7d075c3

  • SHA256

    e916bfb58a3933a580fa9f73b8d008b758c917db7cd2e506624641337dc54413

  • SHA512

    d1868eaea04c7e30be7c7fda56c5cd7f51811c959b451e7c3aedb54df79d757a089ea579adcf946de7501eabcd6941978ecd0bf3d5a988b416b9b84e0c4bd05e

  • SSDEEP

    192:WLqO8jHLyGPP+RNTbRdCJ5LhtyGPqRNbRdCJ5GM:WLqO8jHLyGPPMbRdCJ5LhtyGPgRdCJ5b

Targets

    • Target

      bins.sh

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

MITRE ATT&CK Enterprise v15
