General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241029-j6pjhsvpex

  • MD5

    be5fe215d1ce189773449883e7ad9e64

  • SHA1

    83403aa7e355aeca5dfa24ed93e0209290bf356f

  • SHA256

    b1a3f8f4cd01ff6b7f6cc1ddfcf2f969377b8d6f82c413026af04bcdbd66e4a2

  • SHA512

    d67c632211d726176da2ee7c4d7bd494d8f2dde0e59dcfec6ab91cbc5beeb75ad8dd645b06a8b844d1b7bab860d3ae72d0056c1ba48cc0ca37ba68b4d072438e

  • SSDEEP

    192:HPLXalN6/aYgxSuQAQ4gzoT3T3T+TFTxTnLXalNo+YgxSu3OUT3T3T+TFTxT5:HPLXalN6/aYgxSuQD4gzhLXalNo+Ygxq

Targets

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

MITRE ATT&CK Enterprise v15
