Overview

overview

7

Static

static

1

bins.sh

ubuntu-18.04-amd64

7

bins.sh

debian-9-armhf

7

bins.sh

debian-9-mips

7

bins.sh

debian-9-mipsel

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241101-q3p47s1ekc

  • MD5

    c239c7e3d4676bbf2bae53fcd138debd

  • SHA1

    deee5ef8465e8f056bd304b7ee07072fcfefa338

  • SHA256

    9d5e5b6c3a805c2e3779d7528fa35a68acca84a3d74f139e275a1aead390062c

  • SHA512

    6278894728e90773051729e86f214c9c31b05daf7d969d1cc30c7576447092c1a682973a1f6d923ee5a11043fbec3f3aa0e85505d5d77c42244bba077900387b

  • SSDEEP

    192:MyXni5tYRO6XY4/MVeZYswMZqsPuwMZqsP3A+O6XY4pXni5tT:ZjMVOYu

Score
7/10
antivmdefense_evasiondiscoveryexecutionlinuxpersistenceprivilege_escalatio

Malware Config

Targets

    • Target

      bins.sh

    • Size

      10KB

    • MD5

      c239c7e3d4676bbf2bae53fcd138debd

    • SHA1

      deee5ef8465e8f056bd304b7ee07072fcfefa338

    • SHA256

      9d5e5b6c3a805c2e3779d7528fa35a68acca84a3d74f139e275a1aead390062c

    • SHA512

      6278894728e90773051729e86f214c9c31b05daf7d969d1cc30c7576447092c1a682973a1f6d923ee5a11043fbec3f3aa0e85505d5d77c42244bba077900387b

    • SSDEEP

      192:MyXni5tYRO6XY4/MVeZYswMZqsPuwMZqsP3A+O6XY4pXni5tT:ZjMVOYu

    Score
    7/10
    defense_evasiondiscoveryexecutionpersistenceprivilege_escalatioantivm

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

      defense_evasion

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

      executionpersistenceprivilege_escalatio

    • Enumerates running processes

      Discovers information about currently running processes on the system

    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks