General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241027-fvt33svfpn

  • MD5

    81288c91545f3dfb4a32178d8bf8a1ae

  • SHA1

    8be0e61311efb68081f672f1017872b4ca780b59

  • SHA256

    d6969275efae5bfe2230492af1741f5329a8a46491a6f58144e9ee58690c41af

  • SHA512

    9db12722c20f328bc60ddd04468b8c05556b197a743cbbaac07d10d2812638e825c7a8fc08976caac35e81930c5fafaa6637b3402480c5bb0fe0459df159be0e

  • SSDEEP

    192:Btdzz/AjT2IZ0IITNA1Wrpz/AjTn3qz6S:BtdrI2IITNA1Wr26z6S

Malware Config

Targets

    • Target

      bins.sh

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

MITRE ATT&CK Enterprise v15
