General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241029-jcykbsvnhm

  • MD5

    7bdfacc48d72c07eb7052d16a19a76f0

  • SHA1

    a058feb87c8f81b02db139e04e3ead74cdfa5039

  • SHA256

    3a85aa8a1ee06a7e1acf922f34ca9d529cab742d49d6465180e478b814e6a941

  • SHA512

    da94dbf8a216becf3c05750ee65a4c08c263ff2a61e7ce24bcff3ae537df65ccb7d9653d20605970e9f1730f5403cbca187737ce4587e4a3a7ab933fe8fdf82f

  • SSDEEP

    192:XMEQdEMKJHGD3ybL9SA5EQdEMLxD3ybLeb:XMEQdEMKp1SA5EQdEMrb

Targets

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
