General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241029-ctkapszrgn

  • MD5

    2ab6b439e7b5a15c6839191360b9a06a

  • SHA1

    c270c3f811248d555246b98069a5a84a9ea5f49e

  • SHA256

    59a0133ce4cee7c4125b64a730c0ef1683f745b195e83640ac4dba71b2c35f76

  • SHA512

    bc9b5609ba19477d1217d6951bd2f11ca7bbe4c8d549963a7f9133ebd2d60aa96557ad7d0e64c0a342e9671dc0c41d0fc4742a4325344f15ceff18a2833126d1

  • SSDEEP

    192:9U0fiGNNBEz+6jsMOBv3klJ4tAObPSB5RiU0fiGdNBE+6jsMYv3klJwbPSB5RI:9U0fiGNNBECBv3klJ4tAHUU0fiGdNBD3

Targets

    • Target

      bins.sh

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

MITRE ATT&CK Enterprise v15