General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241029-y8d8ws1jeq

  • MD5

    f3efc6fa8e82412e419d4e7341a857e8

  • SHA1

    f872ddbffc63c11eb3c66c35311c465922ae3164

  • SHA256

    6e133f9eaae23c517a282babcd559696a0a89e57ae91b66e736109bcddc9fecc

  • SHA512

    d361299a6bcb5f86ff3c728a9e10b244517f4f7acc5351f6e8db2ff8afd4db3a02facee6aa6d33cf0627fe5171d9d5b4ed9a6665b24d11cac7f18c71523af789

  • SSDEEP

    192:WCLC/CWC7ClRCE/pJSMCJ8/V9mBjhHkB39H+dGCLC/CWC7ClRCepJSMCJmV9mBjj:WCLC/CWC7CTCEJh/V9mBVHkBtHuGCLCG

Targets

    • Target

      bins.sh

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
