General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241028-f8vlrszjbs

  • MD5

    faae5585d5dcc822f7d49f6e76d1ad7b

  • SHA1

    9b081b9bf56c050114d46a9b7d38733682669f9d

  • SHA256

    c0bc234ffd2ae3085205f814f1f18a6acb1452e8cfc2509992e60aa0f134d653

  • SHA512

    323a7f3244dd16d9246e77f3cfb0a69521febc62b77f61a160845fe73ea2a289435f6da5af77411f752cf8878c701d2f04e8b377f0a4182dccd8e9ccbe6e2e86

  • SSDEEP

    192:dwCWnsMx68PhzvTEgwnbX01ttZN6DTz6CWnsMxTZN6DTfvTE/bX01tt:aCWnsk68Phpw+CWnsk+

Malware Config

Targets

    • Target

      bins.sh

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

MITRE ATT&CK Enterprise v15