General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241027-pgldfsvncm

  • MD5

    d8b3cb4793886f8ba51c73bc3cadbaca

  • SHA1

    2a4c460dad61345bdd09351812e2865159abe9dd

  • SHA256

    1c58f747753e3352a46c2916d9f5f8d5dc3b9e04b66f38485025b53dd25ceb31

  • SHA512

    dac5943a6be21fdaf966f6845585dedf0d97cbfa7743cd046fe3570f9ed3a292545364c7f491984555e1e5c5093f3ed46570d03629c6f6786b735a294788e013

  • SSDEEP

    192:rmjDQXL2FkYrQo5MENdKVRKKmdNdKVR2kYrQoYjDQXLoN:UFkYrQo5MAKmbkYrQo6

Targets

    • Target

      bins.sh

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

MITRE ATT&CK Enterprise v15
