General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241101-n2k3ra1blj

  • MD5

    2fe36714c5313a7d81854b3d14c21787

  • SHA1

    ed011c90831d33d3c8e8c3ae2581979532b0cf45

  • SHA256

    595e085ffa26fa28aa8239b3b3933d07640a8515849c28be5d4ec7dcede29171

  • SHA512

    99f2b2cf18a88d5d2f6fa5b93ff0a04ae5a72d5a36555118c0ac829b16414bd0524d03b3230fa7fc9a151f00e0f4c6f0a6302143dd94c0c1d0fb272882c29a9e

  • SSDEEP

    96:TRLVZ9tLlxg7buyLNe44ps1FjSlxg7bYlYXNxos644psNFW04XVZ9C4V:lLVZ9Jlxg7buyLNTUlxg7bT9GZ9B

Targets

    • Target

      bins.sh

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
