General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241028-e6hnra1bja

  • MD5

    f649ee0c1cafc0060b532fcc04209ecd

  • SHA1

    94eb99eb4c97b6cce624082021b50a2333739992

  • SHA256

    884ca740c736e53bcda0bc5565640596c5b619860d6fd1aeab96ba5baf4d325a

  • SHA512

    a9a435d728db3911d7a42d9365e5b50cf4efca42a644d00081ad1a0927cac02167a6403dec8cfeba0e7b1d424af6aae12f313456861355bd1b16b831376e5d82

  • SSDEEP

    192:FOqOnsMx6E9h7nbESYBlx01t1xV6DTT0qOnsMx3xV6DT3nbEllx01tt:IqOnsk6E9h5YQqOnskI

Malware Config

Targets

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

MITRE ATT&CK Enterprise v15

Tasks