Overview

overview

7

Static

static

1

bins.sh

ubuntu-18.04-amd64

3

bins.sh

debian-9-armhf

7

bins.sh

debian-9-mips

7

bins.sh

debian-9-mipsel

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241101-pgyc1sskbl

  • MD5

    08f97bfa89c4595b9341e1badc203a1f

  • SHA1

    657966ff8f84e6740ec73c866fa7f4b4de36c12d

  • SHA256

    4dd53d92e06fcea220f5b50d211376b0613ddac7a1e45e7b4cee9aa1fcca64b3

  • SHA512

    f85495f56fcfd3d77a04043841616027128f716e38a7fa94e5f0c1ca5f7aa5b37592f3526cfe7fb83a5352b62dd79d963dd04e8348840c80bec49973d51459ee

  • SSDEEP

    192:0o3Hi5tYV2SXY4/EVcZe0IUZqsPmIUZqsP3oO2SXY4j3Hi5tR:R9EVoe0

Score
7/10
antivmdefense_evasiondiscoveryexecutionlinuxpersistenceprivilege_escalatio

Malware Config

Targets

    • Target

      bins.sh

    • Size

      10KB

    • MD5

      08f97bfa89c4595b9341e1badc203a1f

    • SHA1

      657966ff8f84e6740ec73c866fa7f4b4de36c12d

    • SHA256

      4dd53d92e06fcea220f5b50d211376b0613ddac7a1e45e7b4cee9aa1fcca64b3

    • SHA512

      f85495f56fcfd3d77a04043841616027128f716e38a7fa94e5f0c1ca5f7aa5b37592f3526cfe7fb83a5352b62dd79d963dd04e8348840c80bec49973d51459ee

    • SSDEEP

      192:0o3Hi5tYV2SXY4/EVcZe0IUZqsPmIUZqsP3oO2SXY4j3Hi5tR:R9EVoe0

    Score
    7/10
    discoveryantivmdefense_evasionexecutionpersistenceprivilege_escalatio

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

      defense_evasion

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

      executionpersistenceprivilege_escalatio

    • Enumerates running processes

      Discovers information about currently running processes on the system

    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks