General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241027-mv35bavjen

  • MD5

    688ca450547096f076169e59bab218e1

  • SHA1

    2187af4719b3b2f94b20e5e3ad20b8222bc077ac

  • SHA256

    005d953b62081fa02676b1afd5e50a67173a552a0ca6e02f3622a89497c75127

  • SHA512

    4b9aa7e6693587d69eb70d43f25242123a62a6acd4b0c3bedd1533f2afb49f99d44f26bb6c17dbcf9ca11f2d689e80cccb1df2447fa39a4541d82c23b2c13b0c

  • SSDEEP

    192:2e6/8cxOOD6Ock1sDEQ9OuNUMEQ9Oure6/8cbOOD6O9:2e6/8cxOOD6Ock1sDEQ9OuNUMEQ9OurZ

Targets

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
