baab79252bc9c7f91e534d97826913a53ccd378649706b77c8f448566dab641d | Triage

Sharing

General

Target

bins.sh
Size

10KB
Sample

241031-ws6bbstlfq
MD5

add9df3fe0956071f11080084a31bdeb
SHA1

f7ae02765b04a8c8e2a9f9c67fe20acd4516fd05
SHA256

baab79252bc9c7f91e534d97826913a53ccd378649706b77c8f448566dab641d
SHA512

2e6bd72689deb04f699f94d15949886de251783f5e5c037cd76647fc10b6777f1c7fa1659fbec5e824ef0427e152a3879744edfceed370b4a3213d41749cc84c
SSDEEP

96:9aG1ai9mSxkvymsIWTbbSb2bNbUb0bRG+aG1ai0SM9SvVkT7kmiec+vobbSb2bNj:7xkvymsIWTPK7GX

Score

7^/10

antivm defense_evasion discovery execution linux persistence privilege_escalatio

Malware Config

Targets

- Target
  
  bins.sh
- Size
  
  10KB
- MD5
  
  add9df3fe0956071f11080084a31bdeb
- SHA1
  
  f7ae02765b04a8c8e2a9f9c67fe20acd4516fd05
- SHA256
  
  baab79252bc9c7f91e534d97826913a53ccd378649706b77c8f448566dab641d
- SHA512
  
  2e6bd72689deb04f699f94d15949886de251783f5e5c037cd76647fc10b6777f1c7fa1659fbec5e824ef0427e152a3879744edfceed370b4a3213d41749cc84c
- SSDEEP
  
  96:9aG1ai9mSxkvymsIWTbbSb2bNbUb0bRG+aG1ai0SM9SvVkT7kmiec+vobbSb2bNj:7xkvymsIWTPK7GX
Score

7^/10

defense_evasion discovery execution persistence privilege_escalatio antivm
- File and Directory Permissions Modification
  Adversaries may modify file or directory permissions to evade defenses.
  defense_evasion
- Executes dropped EXE
- Renames itself
- Creates/modifies Cron job
  Cron allows running tasks on a schedule, and is commonly used for malware persistence.
  execution persistence privilege_escalatio
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Cron

Persistence

Scheduled Task/Job

Cron

Privilege Escalation

Scheduled Task/Job

Cron

Defense Evasion

File and Directory Permissions Modification

Linux and Mac File and Directory Permissions Modification

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Network Configuration Discovery

Virtualization/Sandbox Evasion

System Checks

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoveryexecutionpersistenceprivilege_escalatio

behavioral2

antivmdefense_evasiondiscoveryexecutionpersistenceprivilege_escalatio

behavioral3

defense_evasiondiscoveryexecutionpersistenceprivilege_escalatio

behavioral4

defense_evasiondiscoveryexecutionpersistenceprivilege_escalatio