956b4f4c2b994b61a3f395db42c7eb576bbf306dc75d2f7c97cc02d71b0f2f23 | Triage

Sharing

General

Target

bins.sh
Size

10KB
Sample

241121-tq8bssshma
MD5

534a73324bdffc21d98727b2f74568ce
SHA1

89685be31befce3ea973d79dacec145875bc5dbb
SHA256

956b4f4c2b994b61a3f395db42c7eb576bbf306dc75d2f7c97cc02d71b0f2f23
SHA512

7c07c3c58e7d98e393d7ba902a3e57df1a6d8c9b6e4b74f0c8d6ddb683032112bb4b9af3b0d445f83ef69cb76438d236bcc6fe107738c3e1e5fb2b95638b11c1
SSDEEP

192:kd9bUApimONfVQbfBVvKaIyOfmmEhDe5BVvKa6dmmEhAd9bUAdimONfVp:kd9bUADbfBVvKaIyOfmmEhDe5BVvKa6S

Score

7^/10

antivm defense_evasion discovery execution linux persistence privilege_escalatio

Malware Config

Targets

- Target
  
  bins.sh
- Size
  
  10KB
- MD5
  
  534a73324bdffc21d98727b2f74568ce
- SHA1
  
  89685be31befce3ea973d79dacec145875bc5dbb
- SHA256
  
  956b4f4c2b994b61a3f395db42c7eb576bbf306dc75d2f7c97cc02d71b0f2f23
- SHA512
  
  7c07c3c58e7d98e393d7ba902a3e57df1a6d8c9b6e4b74f0c8d6ddb683032112bb4b9af3b0d445f83ef69cb76438d236bcc6fe107738c3e1e5fb2b95638b11c1
- SSDEEP
  
  192:kd9bUApimONfVQbfBVvKaIyOfmmEhDe5BVvKa6dmmEhAd9bUAdimONfVp:kd9bUADbfBVvKaIyOfmmEhDe5BVvKa6S
Score

7^/10

defense_evasion discovery execution persistence privilege_escalatio antivm
- File and Directory Permissions Modification
  Adversaries may modify file or directory permissions to evade defenses.
  defense_evasion
- Executes dropped EXE
- Renames itself
- Creates/modifies Cron job
  Cron allows running tasks on a schedule, and is commonly used for malware persistence.
  execution persistence privilege_escalatio
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Cron

Persistence

Scheduled Task/Job

Cron

Privilege Escalation

Scheduled Task/Job

Cron

Defense Evasion

File and Directory Permissions Modification

Linux and Mac File and Directory Permissions Modification

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

Virtualization/Sandbox Evasion

System Checks

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoveryexecutionpersistenceprivilege_escalatio

behavioral2

antivmdefense_evasiondiscoveryexecutionpersistenceprivilege_escalatio

behavioral3

defense_evasiondiscovery

behavioral4

defense_evasiondiscovery