General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241028-hnmfrsshrd

  • MD5

    2f7f72afe66995d80b8950bd71167bd4

  • SHA1

    289d4e79acdb59a5b7949b7efd0816c5642cad63

  • SHA256

    a42b9535d1f64e52d6c1ab42f156b47099ba25c546a8d577c98f459e9b1ae32d

  • SHA512

    19333cd2736ae9ba80aae36f468e153cc75c2f02b5e10af97eadc06fe099ff9fde868882ff9617ab6ed27d4d79fea860f73a802781f99907704d74f78e4cc277

  • SSDEEP

    96:OXZ90n08OObaPWHgmGVTW8OObazgLmG93TpVVY6/IdNenUd:Op90n08OObaPWHgmGVHOObaXGdVqMnW

Malware Config

Targets

    • Target

      bins.sh

    • Size

      10KB

    • MD5

      2f7f72afe66995d80b8950bd71167bd4

    • SHA1

      289d4e79acdb59a5b7949b7efd0816c5642cad63

    • SHA256

      a42b9535d1f64e52d6c1ab42f156b47099ba25c546a8d577c98f459e9b1ae32d

    • SHA512

      19333cd2736ae9ba80aae36f468e153cc75c2f02b5e10af97eadc06fe099ff9fde868882ff9617ab6ed27d4d79fea860f73a802781f99907704d74f78e4cc277

    • SSDEEP

      96:OXZ90n08OObaPWHgmGVTW8OObazgLmG93TpVVY6/IdNenUd:Op90n08OObaPWHgmGVHOObaXGdVqMnW

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system

MITRE ATT&CK Enterprise v15

Tasks