General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241026-fhdwbs1fjk

  • MD5

    8f6add65d41732c628b15429f288c9ed

  • SHA1

    7653925d00191d0c465c27a2ec4629b239a7ed18

  • SHA256

    c926da30b268b7dcbb5512b480d408ecea628e3c6f5f96d5e45a66133f09a3ce

  • SHA512

    9822610bf40aa2794b2d531ca757b371d0eff87dc60f77778095c63d86d51c56eefecde03fd235463e8f7c30e3cb53b3907b39fed8fe00a2aa05e2277ff1efe5

  • SSDEEP

    96:YTvHRqikRLO+vrvPvLxpFCasUYqm34zeOeUIbI3Ikl/O+FLaSiLhahShnKmeLsgJ:YaRbO/dMYklZOcqNMYklYCV

Malware Config

Targets

    • Target

      bins.sh

    • Size

      10KB

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

MITRE ATT&CK Enterprise v15

Tasks