General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241027-dma9wsshja

  • MD5

    4ea5706fdd75f148d2bf38bc0ca8bf54

  • SHA1

    57a2af30643d8facb455bb90086386308bdbb582

  • SHA256

    6984b6d84c72c16fe2e373f060552fb6c17fb0c2d30546d2f5cd9b47e60dcaa5

  • SHA512

    a5c858e9af5b42bd2697b799f540c3b6530a4ec5380ce173d60ec5beca09f09415ee0d614f4aa71a45fc2bb557c8293c214856b055e07317d64045d5959448f3

  • SSDEEP

    96:YmWF4N4N4fw0n3LiLBoBkBoiYo75v5D5oP3uZLCaLsLJ6JyJDyunue0EQEMEQddm:yW8Q137Qdd3Ak8YHqa437Qddv8YHqa56

Targets

    • Target

      bins.sh

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

MITRE ATT&CK Enterprise v15
