General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241028-cazahsyalj

  • MD5

    567b26178787625e5e69ebf24877fdf3

  • SHA1

    9a84ea89a6588fccfa51fc42e03dd6e8504b94c2

  • SHA256

    5858f0fb88e8a5b65501e654868ef90ac09e709484454d0ff8c8de09119c91a2

  • SHA512

    ca446298c6ebc48feb0d455c54ea00518930b352cd7161ae64d6ca3b9496e364e32b1cdc449a3b63d84957fbca34065e136b22593dc15274232783c0cf3af8c0

  • SSDEEP

    192:y4w9o0jmMkB4Ex64dz8ZoPXy/rkbNMkB4EvDuAPXy/ric4w9o0U:kmMkB4Ex64dz8ZqbNMkB4EvDusr

Targets

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
