General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241026-y5jn7swmgr

  • MD5

    a1329951e2eba09d1222076e3dd4b047

  • SHA1

    ab745d5eeb288f4b11eb212ecc7ca42d3de79e92

  • SHA256

    ca6f6dd0b35e3185039cfaea57b698bb3420ac16e537baa554611d42f71995ac

  • SHA512

    fd0e9356a3b477d8e50ecf95446d00e3f0829e1189c56f6592087be740ef52ec0048ba14cbd86b021a7bd793a2364011c811504a66eda3f14968a546fb7c89ab

  • SSDEEP

    192:cVUINuG7Uo9GmNNMuUJmHXeVlhrHXeVlhcxUINuGpUo9GmT:qUINuG7Uo9GmNNMuUJNUINuGpUo9GmT

Malware Config

Targets

    • Target

      bins.sh

    • Size

      10KB

    • MD5

      a1329951e2eba09d1222076e3dd4b047

    • SHA1

      ab745d5eeb288f4b11eb212ecc7ca42d3de79e92

    • SHA256

      ca6f6dd0b35e3185039cfaea57b698bb3420ac16e537baa554611d42f71995ac

    • SHA512

      fd0e9356a3b477d8e50ecf95446d00e3f0829e1189c56f6592087be740ef52ec0048ba14cbd86b021a7bd793a2364011c811504a66eda3f14968a546fb7c89ab

    • SSDEEP

      192:cVUINuG7Uo9GmNNMuUJmHXeVlhrHXeVlhcxUINuGpUo9GmT:qUINuG7Uo9GmNNMuUJNUINuGpUo9GmT

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system

MITRE ATT&CK Enterprise v15

Tasks