General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241027-k6ql9atmhq

  • MD5

    6c8b51991fdf61d5e4d608d79172aadd

  • SHA1

    10016e44064fd77256e054fe97e269bf6b46fc5e

  • SHA256

    39e10ef37dd81e5b6b122495f5d678e5813c416eb7129050525d72cc8dbbd335

  • SHA512

    3db47a0dc66e9e868e1048b5fe9d76623218d7b22e383a0fe08a6aa839e389312ead6a4f05da171606cfb61b1898bede08be48c1fa45548d78071e0d95d8edb2

  • SSDEEP

    192:QFJGhYwT11BGFV2uRjPe7jbP8lglFJGhYw91BGFV+jPe7jvee:4oTuYP8GvNN

Malware Config

Targets

    • Target

      bins.sh

    • Size

      10KB

    • MD5

      6c8b51991fdf61d5e4d608d79172aadd

    • SHA1

      10016e44064fd77256e054fe97e269bf6b46fc5e

    • SHA256

      39e10ef37dd81e5b6b122495f5d678e5813c416eb7129050525d72cc8dbbd335

    • SHA512

      3db47a0dc66e9e868e1048b5fe9d76623218d7b22e383a0fe08a6aa839e389312ead6a4f05da171606cfb61b1898bede08be48c1fa45548d78071e0d95d8edb2

    • SSDEEP

      192:QFJGhYwT11BGFV2uRjPe7jbP8lglFJGhYw91BGFV+jPe7jvee:4oTuYP8GvNN

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system

MITRE ATT&CK Enterprise v15

Tasks