General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241027-v1emxa1cjm

  • MD5

    993a3e2f46840103a33a0ca2fc91dfe7

  • SHA1

    678e29df40375ee97c70526b0218055aed855419

  • SHA256

    53e50a079dd44b3fad308902f263fbdd8f2fbbbc630af95eb9af755dcb641870

  • SHA512

    0bac561038a79d408e79fa667d6a436f7a5dc10e34ab8cf42f4de8e94b30a60aa6239a43161fdbd33a93e41bb712493f51354ae68939b1648fdff8882868c307

  • SSDEEP

    192:SrOVDDYRLNeA59BA77wizvDoVNRN8sDiWFvDoVNv8sDiWO9BA77W6GDDYR4Gh:SrOMNv9BA77TzvDoVNR/vDoVNO9BA77x

Malware Config

Targets

    • Target

      bins.sh

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

MITRE ATT&CK Enterprise v15

Tasks