General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241026-gx6ekaymgz

  • MD5

    dbab112724d7cc2a331207383504c314

  • SHA1

    6d5efd992d1b00dd27ee23d47a174602cd0d588b

  • SHA256

    85e02bad7bdb6636f9cf128e30410ae17d2dc89223cff32febcc917fc55e3221

  • SHA512

    e207ed379089d24f47f0360565a42263ff94a0d29e8d97186bff03f814fdd1d68c699c488b9ff62488238b69e987d901bbc048f43549caf15ee22ecfb60d966b

  • SSDEEP

    96:jFbFHF6HHwxRlEZlSjrpkq2FEcy3b0I0FV8rna0FV8rnYvKxRdEZlSjrQaFbFHFu:jXll3bz2zM

Targets

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

MITRE ATT&CK Enterprise v15
