General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241027-rsefdsyhpq

  • MD5

    a67b1a20b6d84b0e0d38e43102127d4d

  • SHA1

    786fa027c0da1db86f63750b3761beb0b15e9c73

  • SHA256

    e29c682be0d14c24dbae6463043bd868f79dd8780eaa5a04ab5e89b8649ff393

  • SHA512

    451fdced035c8e43a4286e2e252c785f19f34ee97dbe0f073006034d9de67c2300d266e9d7d4ad0dc83f2c5550181e7b4a6c6d933d7ad8351fc3ce5e8f4bb955

  • SSDEEP

    192:22WASub2OyoMwz0sbO0Ass+zXw/3nMdhjzXw/37L0AsDdhtdSub2OVMwz0s3:222oMwz0sbO0Ass+zXw/3uzXw/3f0AsR

Malware Config

Targets

    • Target

      bins.sh

    • Size

      10KB

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

MITRE ATT&CK Enterprise v15
