General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241027-lsrg3awfjd

  • MD5

    a5a9f72ca25763058aacf1994a85b616

  • SHA1

    748843de754f9484c22ebf1e32e5894d70f4859f

  • SHA256

    2fe6e0a4b1a668bd4e323127aa964e409fbdb503359473b0988027781eb7ef86

  • SHA512

    47f9975ff7556dfa8ceecd5af09a40a67e07ddd1478bfee1cbe1189d252b5fe35d0a098fa94c5aa6aa5694f33bb0b776685ddd59772184b7d42fa2a5d78e6cea

  • SSDEEP

    192:oPTGhYwtdd5GFV2ER73e7jb18jgZPTGhYwDd5GFVW73e7jVIU:QgbEo18Uftx

Malware Config

Targets

    • Target

      bins.sh

    • Size

      10KB

    • MD5

      a5a9f72ca25763058aacf1994a85b616

    • SHA1

      748843de754f9484c22ebf1e32e5894d70f4859f

    • SHA256

      2fe6e0a4b1a668bd4e323127aa964e409fbdb503359473b0988027781eb7ef86

    • SHA512

      47f9975ff7556dfa8ceecd5af09a40a67e07ddd1478bfee1cbe1189d252b5fe35d0a098fa94c5aa6aa5694f33bb0b776685ddd59772184b7d42fa2a5d78e6cea

    • SSDEEP

      192:oPTGhYwtdd5GFV2ER73e7jb18jgZPTGhYwDd5GFVW73e7jVIU:QgbEo18Uftx

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system

MITRE ATT&CK Enterprise v15

Tasks