General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241030-pc6hts1rby

  • MD5

    4a055ab9ea26e8d30b1b0a6fd1a9bf98

  • SHA1

    38caa44916be82657e5dbdb08c9c44ca7ac46006

  • SHA256

    c53925b6dc545e765751bd490dff92a6e0a0a075dac07cbbde553402c5c24a22

  • SHA512

    6228781c2ffe7e0fe123d8b2ba7a6f37b2afbe11a7a771dc7bed464fda58b7948c8e0510dfa2eccd7c1411d58f161ec4cc02ce5e6754e726ffe2b1bf948b41a6

  • SSDEEP

    192:pjv67bB2Oc4TsUR88/T8ATc4TsU1/ljv67bJ:c2G88/T8AH/A

Targets

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
