General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241028-h13cra1mcx

  • MD5

    34f662417bf176ca742244f75842429b

  • SHA1

    527b928ad8dfe41ae5ebe3e805c24d0c00064172

  • SHA256

    cae24d9d229f447e09bee1f6ebe392d45986a77188455ec4abf57f263d86b23c

  • SHA512

    d58745b879cdc6f90dfbee48355106feb3f4bcc80538514c1f7c9644850d828cb4480dd8c92883e689d25e60ac01b5256040d241383ab796148fe157401b6550

  • SSDEEP

    96:YosPP6yxGUY2UxpA/TT5yKin6ddiKCMLC9C9CbaPLXrgLpBRL99qLmWWGpSqrTLI:YtTsn8+YYbaPwl2GGt5YYbaDGlngUnG

Targets

    • Target

      bins.sh

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

MITRE ATT&CK Enterprise v15
