General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241029-d6gwsavclm

  • MD5

    61e83457cfb41c7529cd65c1a4ede028

  • SHA1

    55bbc583c8bd78f293ec52db2bc4129d6f061942

  • SHA256

    87b3a023794d3ede58ff56e2c51854f4793679e4499220e05847cf504f3722c3

  • SHA512

    86c82400fd8097f3897c6f5fe4efce0f2ca9ca858eadbde803449471ec4c74d9f699a283f291d7338d015eb6e64bff98b0b4dc2588e4a3da08f14efd278015d2

  • SSDEEP

    192:1GmfiGFjHK92CjsMOT/XklJo7q4DHSB5REGmfiGFjH62CjsMG/XklJCDHSB5RI:1GmfiGFjHK6T/XklJo7qtGGmfiGFjHnL

Targets

    • Target

      bins.sh

    • Size

      10KB

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

MITRE ATT&CK Enterprise v15
