General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241031-mvh45svncy

  • MD5

    3dd5c19ec5fe98baa364142d535458dd

  • SHA1

    07c95352a7b1f0aa31bea494cd8e2e4f6dfab78f

  • SHA256

    96ee5037d97be56be07480a9596e28c95b95a91f180aecda5097319fdeec7deb

  • SHA512

    81bcbab2896b757cdebbc6b90b866f6a591c375036fd0043391e2b28b69a7d3fdb2471e023cdf9a613e4e8c0ad008231e4089365151a7e6249a8825b5eb7a479

  • SSDEEP

    192:sUA5CiAJnvavrYnXpapai2b66+SeKLDsvrYnXZ+i2b66SSe+dUA5CiKnv1:sUA5CiAJnv/apmHRSUA5CiKnv1

Malware Config

Targets

    • Target

      bins.sh

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

MITRE ATT&CK Enterprise v15
