General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241029-xcbmfsyrek

  • MD5

    9d4dcec21fcb31fce32b81476a1a4cf6

  • SHA1

    8184b497b509ece2cf9441198d85b33275a0b22c

  • SHA256

    836d45d8f17d800c238cb9ee401880a062bf1f519fa3f900dfb7f12647b83494

  • SHA512

    191edb6618cd9b9b8952dd59e008e8c7816e84698d40949b5ca34feaf24094376d282e6a501f1bd35ece7abd649d9edfe481c8de26dcae285d77954339274a90

  • SSDEEP

    96:wSqp4E8rz1rhxF6J5XFGHEpQAN79wHylrzSB6FhxF6J5737/9QAFdSqp4EFqw:1rz1rhxF6J5XFGkpQAjrz7xF6J5tQAd

Malware Config

Targets

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

MITRE ATT&CK Enterprise v15

Tasks