General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241028-nrpyyswmay

  • MD5

    49650b53e36136f3015645e293095009

  • SHA1

    333e65f93dff13aa30012850d5e1291b67d1d234

  • SHA256

    e7f1c22b87e3a404e60bb1476a9d10732f33fadebb632c86896ab14e276af29d

  • SHA512

    6ed0b3c0269dd71ffa648af9c1187ae1cec545929ddc11b4186653a1beea256812e32a4b84d6c14ba928b1f2cdf9a319e669242372b39ca54a47fdb1af5aa526

  • SSDEEP

    96:JB56/gEV+eseRHtFDeRNq8s9OCVAFzurj3sBHtFDeRN218s9OCfh2MaG3qoP3CBI:QsGnD8s9OCVAFurjQz8s9OChZI+

Targets

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
