General
-
Target
bins.sh
-
Size
10KB
-
Sample
241108-t2h62swamk
-
MD5
2408085a258a318bc587e649a5e777ad
-
SHA1
7d4f24886ae9a4e5b0a1ee3866a311e53a29506d
-
SHA256
208f87f17e8dcc98e856d3b7ce07c4aa005b9390fc6ee96c3fd1ba0ca38cd537
-
SHA512
5f9ddc2e0b28f44731c0d27db88455b7154293933a0aaf1d0096344f618fe40fbd5ff45ef4a56ba2a17d8e77f6de838690f88856fdbaaea0ff16dd63183bb7fa
-
SSDEEP
192:Iw+LtUc+r7f932KtEsj+nmtUc+r7f62KtEsU8:Iw+eHp+nJ18
Static task
static1
Behavioral task
behavioral1
Sample
bins.sh
Resource
ubuntu1804-amd64-20240611-en
Behavioral task
behavioral2
Sample
bins.sh
Resource
debian9-armhf-20240611-en
Behavioral task
behavioral3
Sample
bins.sh
Resource
debian9-mipsbe-20240418-en
Behavioral task
behavioral4
Sample
bins.sh
Resource
debian9-mipsel-20240226-en
Malware Config
Targets
-
-
Target
bins.sh
-
Size
10KB
-
MD5
2408085a258a318bc587e649a5e777ad
-
SHA1
7d4f24886ae9a4e5b0a1ee3866a311e53a29506d
-
SHA256
208f87f17e8dcc98e856d3b7ce07c4aa005b9390fc6ee96c3fd1ba0ca38cd537
-
SHA512
5f9ddc2e0b28f44731c0d27db88455b7154293933a0aaf1d0096344f618fe40fbd5ff45ef4a56ba2a17d8e77f6de838690f88856fdbaaea0ff16dd63183bb7fa
-
SSDEEP
192:Iw+LtUc+r7f932KtEsj+nmtUc+r7f62KtEsU8:Iw+eHp+nJ18
-
File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.
-
Executes dropped EXE
-
Renames itself
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Creates/modifies Cron job
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification
1Linux and Mac File and Directory Permissions Modification
1Virtualization/Sandbox Evasion
1System Checks
1