General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241027-f2jwpasjcj

  • MD5

    85d74baef7ce93fd942b1abca31bf2dd

  • SHA1

    a7e677437c07ce76e9242021261bc10ae3c1728e

  • SHA256

    1d43a86626e757581c833eb1c3c1c86ca410d4f8ceeed084749eeb7c39fd4da1

  • SHA512

    01166c5328b88a37c6f813c2c230bfb8ab099386a4d9d45d663902833009e012859aa7452ea9d9bff524dc0bf6f3dd938c0df0225b65ece29ab5a364e10a5677

  • SSDEEP

    192:ffd11BAjT2qH0+mhJy/EN71BAjTx9wrKS:ffdJqU+mhJy/ENqyrKS

Malware Config

Targets

    • Target

      bins.sh

    • Size

      10KB

    • MD5

      85d74baef7ce93fd942b1abca31bf2dd

    • SHA1

      a7e677437c07ce76e9242021261bc10ae3c1728e

    • SHA256

      1d43a86626e757581c833eb1c3c1c86ca410d4f8ceeed084749eeb7c39fd4da1

    • SHA512

      01166c5328b88a37c6f813c2c230bfb8ab099386a4d9d45d663902833009e012859aa7452ea9d9bff524dc0bf6f3dd938c0df0225b65ece29ab5a364e10a5677

    • SSDEEP

      192:ffd11BAjT2qH0+mhJy/EN71BAjTx9wrKS:ffdJqU+mhJy/ENqyrKS

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system

MITRE ATT&CK Enterprise v15

Tasks