General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241028-ay2pfatmak

  • MD5

    849acd2499c12bbd27db4db0cff6ed8d

  • SHA1

    1c3696f62ca4eebe3a51226962156c6a9344e0f2

  • SHA256

    57d8dd569cff7c720ea23431c70899d3e283240017c33729122fe901e574d7c8

  • SHA512

    1ddb98d0187a84d9f6de40a2d3db9eb28c1e00c7464228a988788e6edf73cec6293106f8833edde318083082c4e9a213d8b2d8d0770e8029e877b93e3292beec

  • SSDEEP

    192:2eW9o0jwOmB4EREqrzARWdFy/rk9vOmB4EnZKOdFy/rcMeW9o0U:gwOmB4EREqrzARI9vOmB4EnZKYr

Malware Config

Targets

    • Target

      bins.sh

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

MITRE ATT&CK Enterprise v15