General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241030-ndpe9ssejq

  • MD5

    d603348acf1664193536df0beec83eac

  • SHA1

    00b5fb64fb9af50fccc94eb43e2c73feb640f53f

  • SHA256

    ea7225cd2b562194cc3bc349f6bcdfc9e7c1fb1ba8299d33b881785b6bb49cff

  • SHA512

    2e30abafef033b5416962560facc67d2c14fe0f0b8eb59ae920b1429c72aea2c6b216b1544ac743f0814ee69b0bce89c6e1c8221693d33ae865cecf6718be3c9

  • SSDEEP

    192:HgElqK/6EWuQxt0bbAHFDxt0bbjOgElqKA:J6E9Qxt0bbwtxt0bbP

Targets

    • Target

      bins.sh

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

MITRE ATT&CK Enterprise v15