General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241026-wqarmsvldq

  • MD5

    e0055200def5fe48ba452522862fb712

  • SHA1

    bf3781538ff791585c1d0eeb9df035f072f3ed54

  • SHA256

    585ec47054d0df1fa327009d4f6a78ab7ec3a12a37dab61e9cef078ea9bb8f14

  • SHA512

    0a89d5b349924086f77fe4930ad881c0ddcf5375dd5db5c81b1d798afc0331cd20644453475991f75036346f3fc69ed84474662935d60c0d22262aebdd9e996b

  • SSDEEP

    192:QpRUAsXNs1yeJwIYzVj8g0e4qS5FyeJwIhg0e4qSzupRUAsX8:QpRUDXNs1yeJwIYzVj8g0BqS5FyeJwI2

Targets

    • Target

      bins.sh

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
