General
-
Target
bins.sh
-
Size
10KB
-
Sample
241101-ggvywsxeqf
-
MD5
7818f21409682d22e702a988c8b30f76
-
SHA1
ac1361316344377a699b0a7766b23076a53962f3
-
SHA256
49c72d9c7261282277cce5e4f1d0e69fff0646e5cc65f7e941eaf2846729eca1
-
SHA512
cc5b954b4d659bf3de664e5ba8c00357b16390bf647c9ceb44cd808d83382821a2ea3745199fb0fb3435ae197a462a2c8c1aa0076ab746364ef41b807610aef4
-
SSDEEP
192:JE4L2VpKLb1oxBGXT6+ltNIfzhsozE45uVpKLbexBGXTz1tNIfz1:JxoxBGXT6TsoZKxBGXTq
Malware Config
Targets
-
-
Target
bins.sh
-
Size
10KB
-
MD5
7818f21409682d22e702a988c8b30f76
-
SHA1
ac1361316344377a699b0a7766b23076a53962f3
-
SHA256
49c72d9c7261282277cce5e4f1d0e69fff0646e5cc65f7e941eaf2846729eca1
-
SHA512
cc5b954b4d659bf3de664e5ba8c00357b16390bf647c9ceb44cd808d83382821a2ea3745199fb0fb3435ae197a462a2c8c1aa0076ab746364ef41b807610aef4
-
SSDEEP
192:JE4L2VpKLb1oxBGXT6+ltNIfzhsozE45uVpKLbexBGXTz1tNIfz1:JxoxBGXT6TsoZKxBGXTq
Score7/10-
File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.
-
Executes dropped EXE
-
Renames itself
-
Creates/modifies Cron job
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification
1Linux and Mac File and Directory Permissions Modification
1Virtualization/Sandbox Evasion
1System Checks
1