General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241027-yem9ps1enh

  • MD5

    5ecd8e3f2eb51a7dc020f24e33b8cc57

  • SHA1

    be4322853738933aa75ef6ade68437e1c6290afe

  • SHA256

    19c1517a2ea1661dfe2ede8c05244675c15d73c99da83c28e14b099d85f9974f

  • SHA512

    f43f15b94f1eab3f628a22d9dec691977126ced5801a808fc091f5847ab5cb1bf5bce49da1056fa82a1c14ccecddf1d0c76ecab6fcb74951c56b7c87a331dce1

  • SSDEEP

    192:eyoVNmlHxyrasCqOpG+qpOVNmlHx3qOpG+0:e/VNmlRyrasH8VNmlRm

Targets

    • Target

      bins.sh

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
