General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241026-x53lmsxgre

  • MD5

    8e383752ec72afba2c859b318be45d80

  • SHA1

    406891ba5abdc3f69ab4637a118e82d5329231be

  • SHA256

    c609f35661e4eda240799ff7c06f4b1ba1ab48891ad84e5f9acdcfab7ff0cf45

  • SHA512

    5b50cd38698c517840cddfe2cc6d2c67d8a2591222a28b66027ede92045d8608c70ba1692fa072a90ab7d0a6e4d4bc757128a3aed20ed3644b91ecc3de124232

  • SSDEEP

    192:WXvUAsXNGHa2JwIYDVpmqOe4qS5na2JwI5qOe4qS7aXvUAsXi:WXvUDXNGHa2JwIYDVpmqOBqS5na2JwI+

Targets

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

MITRE ATT&CK Enterprise v15
