General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241028-es33ja1bpp

  • MD5

    4f48d11fbf4c7f60180cd351ce352df6

  • SHA1

    162c881a1395c43f23037a9dacbc725e4132cacc

  • SHA256

    0c48c324761490a83b7f790816c315583c2f778ea063ab7899be20b38c3647e5

  • SHA512

    2d320b33d18fe77dfc7a49dc782a22fb50a73189cff12acb4bfaf2dc054c59b3b62e30133146eeb5773859caff4b3a09012dd727dd5125b6ce3754ea4c2b926c

  • SSDEEP

    192:tGA0nsMx6GnhZ15ESGJ9501tr3L6DTdoA0nsMxz3L6DTH15Et9501tt:QA0nsk6GnhRGmA0nsko

Targets

    • Target

      bins.sh

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
