General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241027-qfg53swjgz

  • MD5

    e25d67289296ea6716242afe084be064

  • SHA1

    557e2824781af2a82ccb7f1ed07a6cb959c97b33

  • SHA256

    9d7e7601d937da98269f0a504dbc490f0342d1d1ad18593d47fa3885435dce17

  • SHA512

    76392b03c0e238feaabbc7085b5abbdb073cce0acf778af332ca25d292fa70e72b94c1771372563f0475dc9e4e17967edc14c35693351718f325ad571a0194ab

  • SSDEEP

    192:F6FlQXLS3WKrQo5igDTKVR2oARDTKVRgWKrQoUFlQXLKj:m3WKrQo5isoA1WKrQo6

Malware Config

Targets

    • Target

      bins.sh

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

MITRE ATT&CK Enterprise v15

Tasks