General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241029-vkn7eaykfp

  • MD5

    fdcd0a9d40b6cef0dd551b3d19ed0179

  • SHA1

    d6b34672361511ae0b96b2bb861fc19be029ebe8

  • SHA256

    79b33bc20663f7ec3c3b8c98e046f97c3548c8fefbc4cc83fb92d21ec3b6bc50

  • SHA512

    c82d8dea5b93369964974ec155fe53a5ab249c911010e45681d3d776ba73af641bd17eec69541a5c01c0692f6b160d4bfdca60fc3c6fc73920b1dc5cc6783fc8

  • SSDEEP

    192:zLP0LZVPSSDWyAEobSqa8slnuKzKLKXIMC5yTLP0LZVVSSDWyyEobSqGlCKzKLKL:zLP01VPSSDWy/8enuKzKLKXIMC5yTLPW

Targets

    • Target

      bins.sh

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
