General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241030-r2z4fstqgy

  • MD5

    9f621b5ae9a274c5f31121b034dcd264

  • SHA1

    55a6e41d00bd22037b0807bfea4c2f49f167d3c9

  • SHA256

    f0e0f299d0aa4f1ef19c4d78e0083fe9f97d9ae67228517aaf8b5ce8a4961e70

  • SHA512

    64848a1443757a02f631db901531c96d8b9a095b51fbc33f0fddaa61bbd73e395ebb4c8e088507e7f60edef1ffbfe3cb1daf05f366b4a07424302ac58bdd1868

  • SSDEEP

    192:kqebgk/Oe33Sr3H7LnD/UDLGCgkj33Sr3r7XD/UDL6T:kqeTOTPzT

Targets

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
