Overview

overview

7

Static

static

1

bins.sh

ubuntu-18.04-amd64

7

bins.sh

debian-9-armhf

7

bins.sh

debian-9-mips

7

bins.sh

debian-9-mipsel

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241031-ke9k2svfnj

  • MD5

    abfaa07509a98cf9d61a9ee03366064b

  • SHA1

    29b8aa70ebe761df31582b1b62505f786b247305

  • SHA256

    2013171213d27c2f95f106cb7eca2000298cbb0f2d372071d99af8b12ed68e29

  • SHA512

    f075902543aeb6d5a01e97c8cde8c65e59b945c859a7b846c14d98263366506322b3b33a50f3dba6f4ab67698396cf4e90cf9ab26835c00dce9124844ed97329

  • SSDEEP

    192:qJBElpvTXslVFDTABtsvA9tovAEdXjJJBElp9TXslVjVDTABtKy:8DTABtsvAHovAEdXjBDTABtKy

Score
7/10
antivmdefense_evasiondiscoveryexecutionlinuxpersistenceprivilege_escalatio

Malware Config

Targets

    • Target

      bins.sh

    • Size

      10KB

    • MD5

      abfaa07509a98cf9d61a9ee03366064b

    • SHA1

      29b8aa70ebe761df31582b1b62505f786b247305

    • SHA256

      2013171213d27c2f95f106cb7eca2000298cbb0f2d372071d99af8b12ed68e29

    • SHA512

      f075902543aeb6d5a01e97c8cde8c65e59b945c859a7b846c14d98263366506322b3b33a50f3dba6f4ab67698396cf4e90cf9ab26835c00dce9124844ed97329

    • SSDEEP

      192:qJBElpvTXslVFDTABtsvA9tovAEdXjJJBElp9TXslVjVDTABtKy:8DTABtsvAHovAEdXjBDTABtKy

    Score
    7/10
    defense_evasiondiscoveryexecutionpersistenceprivilege_escalatioantivm

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

      defense_evasion

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

      executionpersistenceprivilege_escalatio

    • Enumerates running processes

      Discovers information about currently running processes on the system

    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks