General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241030-vmfm2syann

  • MD5

    71dfc079eb72f44d804cbfb1a9717a7d

  • SHA1

    fbc29c44ce2ceae336d058c923054b9b1d323685

  • SHA256

    d56561497fec7c778e924cf7c69762347a688d1b35649f94d4a5da11cc1851c4

  • SHA512

    4c0c64c7434c0b7e5526ada294ac13db8aeb1c1df9f37f5d4fdf0a811436c9a8cadee2b3798e0392084c88a141dd89183617f7764bb27e9ec65ac2bc7a5d1778

  • SSDEEP

    192:oHPMdxBAS34c92W8YHuzzaPThwCU0lo0qzzaPT3U0lo0yfHPMdxSc4c92W5:JflHBwCU0lo0rU0lo0F

Malware Config

Targets

    • Target

      bins.sh

    • Size

      10KB

    • MD5

      71dfc079eb72f44d804cbfb1a9717a7d

    • SHA1

      fbc29c44ce2ceae336d058c923054b9b1d323685

    • SHA256

      d56561497fec7c778e924cf7c69762347a688d1b35649f94d4a5da11cc1851c4

    • SHA512

      4c0c64c7434c0b7e5526ada294ac13db8aeb1c1df9f37f5d4fdf0a811436c9a8cadee2b3798e0392084c88a141dd89183617f7764bb27e9ec65ac2bc7a5d1778

    • SSDEEP

      192:oHPMdxBAS34c92W8YHuzzaPThwCU0lo0qzzaPT3U0lo0yfHPMdxSc4c92W5:JflHBwCU0lo0rU0lo0F

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system

MITRE ATT&CK Enterprise v15

Tasks