General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241028-hgx9patbqm

  • MD5

    64720a9ea75f4d4f76e6f329663cda1e

  • SHA1

    6c72c54832e65dcc41c2eb6e80e88c4a693a3d1b

  • SHA256

    aaa88dcb8ec822f62303b714fcfce67aaa1a41ec6d64f4d07b30ae5ace63551c

  • SHA512

    22d3d662b7452755e95392ad678e4cc68eb6a0e8b7bde0f70ac83388add270a64f2ec26c8376465c863135797f248af7a8871bca0ccb1e817703bafc710eed47

  • SSDEEP

    96:8B5XOnoEWWbaPOfYQGXTuEWWbaz4jQG9pTv9XY45wVNAnU1:8HXOnoEWWbaPOfYQGX9WWbaNGPbc2n8

Targets

    • Target

      bins.sh

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
