General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241026-ctklgawlez

  • MD5

    1fa8632f23bf2eb5ae4e459eb2a5cc6c

  • SHA1

    82b77d7ef192e07c64fb2924f35826b601320f62

  • SHA256

    a54866e44af267b3076ccca2c7e0203a29a6305050d9eada1458b2fdbdad9d01

  • SHA512

    92a0ab8744e2c7c76f94fbb1ee283b0b340f26fc78aba0d07799c08030dfa7eaf9b552de359499c069a889b3de007a7060c7604a274d832e82ba395eb2e08533

  • SSDEEP

    192:RKjiid8vMrUiUSUtUEUmFUo//Cjaiid8R+UiUSUtUEUmFUx:RKjiid8vM09/aWiid8RNy

Malware Config

Targets

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
