General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241030-v9en9szlfm

  • MD5

    ed10a432a29a8065d56b047ce849bcee

  • SHA1

    1d34cc9a2c21c266b0399feeaf8207afffff900c

  • SHA256

    dac1ec644004a86be24f4df15ddab8ea2dfa25ebef6c8eb6bf7bba1a4ef5520e

  • SHA512

    f5d271732e2156dff50496f7b37aa6a88b984a8f2a6150ce87c8cf04a7da71beff705ecfb99238f2491f1a59cf5a93e0e288b9aa21f7e69b7002d5a047ebfb4b

  • SSDEEP

    192:YnfMdxBeSNQk92WiY1ORRaPThi8+elo0iRRaPT1+elo04fnfMdxokQk92Wb:RJn1Zi8+elo0Z+elo0r

Targets

    • Target

      bins.sh

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
