General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241026-d3lqkaxkb1

  • MD5

    0bdb919ee180b42f7b53ec8c7c2499a4

  • SHA1

    d54bd40071046c45dcc4e88c2e9a05113c504eac

  • SHA256

    760f19711dc3b16def3b90f355e250ea6de7da00d64b3dafa86a43ffe4db138d

  • SHA512

    2902c2574230953398c35ec5a851aa7b5799636cc11e7743c282f963dc7fba21be25532e8e91fe2c16f012e6e4c626ff59f9e4c7a1b806d01bfe026cc3b16057

  • SSDEEP

    192:pg5YYd8NMdUMU8UtUEUmFUoDFCzAYYd8PoUMU8UtUEUmFUx:pg5YYd8NMK9DwMYYd8Pjy

Targets

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
