General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241029-p6ft9swajl

  • MD5

    42a91996d3906977b0689100fe60c6ce

  • SHA1

    d3a4064e1656b10a16defcf2ae834ff9663c0ed8

  • SHA256

    3e47b25efc485e784daf709b443b85050e8e7b1662e67dd29eacb61f875ea3b5

  • SHA512

    584adbfd499013ba10ac22aeade58ecc01481ca87759c46aba787436265956fe2e087a8f4539b456c27b15a2e6e77d7c1230806aae40e42cb923dc06b5550712

  • SSDEEP

    192:O1B+28cRI8WP3U5Fx2Fxcr6P3U5FWo48cRI8S1BA:D28cRI832ncrV48cRI8F

Malware Config

Targets

    • Target

      bins.sh

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

MITRE ATT&CK Enterprise v15

Tasks