General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241028-14gvbswmbr

  • MD5

    ab59be796f2b5b96013757ab29ed465d

  • SHA1

    cf28e0efe3456606bd7c5bac484ba24d552be17f

  • SHA256

    d517e70e4f3b4b161f07e2842777a8a6ae21edd454da9c010ddb023d4086f2a3

  • SHA512

    494e90e63d9789ba8feb981bdc4bf718bacbe72f52f19dc789a201c157940eedfdd8f2734ae950ae314c91c8f2a4e6b588733fdf7f0619000d8e91bcbb4f0b3c

  • SSDEEP

    96:lxSOzow1ridtq3LqaC3vU4ns79zExSOzow1xiJ3v1pidtq3LDiSf0k4Jc9zEjaR:l9Waj4ns79zSwf9zr

Malware Config

Targets

    • Target

      bins.sh

    • Size

      10KB

    • MD5

      ab59be796f2b5b96013757ab29ed465d

    • SHA1

      cf28e0efe3456606bd7c5bac484ba24d552be17f

    • SHA256

      d517e70e4f3b4b161f07e2842777a8a6ae21edd454da9c010ddb023d4086f2a3

    • SHA512

      494e90e63d9789ba8feb981bdc4bf718bacbe72f52f19dc789a201c157940eedfdd8f2734ae950ae314c91c8f2a4e6b588733fdf7f0619000d8e91bcbb4f0b3c

    • SSDEEP

      96:lxSOzow1ridtq3LqaC3vU4ns79zExSOzow1xiJ3v1pidtq3LDiSf0k4Jc9zEjaR:l9Waj4ns79zSwf9zr

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system

MITRE ATT&CK Enterprise v15

Tasks