General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241028-kw59ysvepe

  • MD5

    1c0839ca1471016bd5482a1e17b97fdc

  • SHA1

    df2c3461af04e593842416d785f39a3caacd45b8

  • SHA256

    bcac9523768177e64f97e6615b6cb8f930e57b3bdef5d7c97604aa5f7e659f8f

  • SHA512

    8015b24b538522b0c163d9b5bc3191b1fffcce75f364199c4c7f770bc5b54708774425f1b157275992f16f3f5d0387858ba3b2852877ee750e748a6cd6a8ef3f

  • SSDEEP

    192:yrZZMNtZ69VT/cbr4ZtEiYVz6ibGad9BloBpNZZMNtZmT/cbrSZtUVl6ibGazBlf:yrZZMNtZ69VT/cbr4ZtEioz6ibGad9BF

Targets

    • Target

      bins.sh

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
