General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241027-ctkapstblq

  • MD5

    8831ac149f5712a653b2ed7d4a827e57

  • SHA1

    e48119cbe7dcbf516620e6b82c96350ecb491554

  • SHA256

    0a1308880420110e9878381af3dfb552e8e6acc4a111e97a100e56b011cf1bbd

  • SHA512

    368cdcd017b026288093ca2a837a48c67cee319efbe80778a1a7c80f7206446b4944f3ade0ba0e8bfa35bc140fc293621629cd99e3e8e54e7226c2598122500f

  • SSDEEP

    96:HMMfw0o7MQoiYo7XjoP3uZJs/CqDyu7hlQdddimXhGXhaXh+WXhyXhCXhnEQyhlT:MAmyjhlQdddiGmSHqaGhlQddtmSHqalu

Malware Config

Targets

    • Target

      bins.sh

    • Size

      10KB

    • MD5

      8831ac149f5712a653b2ed7d4a827e57

    • SHA1

      e48119cbe7dcbf516620e6b82c96350ecb491554

    • SHA256

      0a1308880420110e9878381af3dfb552e8e6acc4a111e97a100e56b011cf1bbd

    • SHA512

      368cdcd017b026288093ca2a837a48c67cee319efbe80778a1a7c80f7206446b4944f3ade0ba0e8bfa35bc140fc293621629cd99e3e8e54e7226c2598122500f

    • SSDEEP

      96:HMMfw0o7MQoiYo7XjoP3uZJs/CqDyu7hlQdddimXhGXhaXh+WXhyXhCXhnEQyhlT:MAmyjhlQdddiGmSHqaGhlQddtmSHqalu

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system

MITRE ATT&CK Enterprise v15

Tasks