91f347e4dbea2b9e58273e262a94e7b0198f795050e3461c25fd3a5b4454e63f | Triage

Sharing

General

Target

bins.sh
Size

10KB
Sample

241121-txtf8ashrh
MD5

44dbdf99e6e4adb46218f00c0a9b4062
SHA1

6179b5866f487612dcd78a791cb78ed5096f3e28
SHA256

91f347e4dbea2b9e58273e262a94e7b0198f795050e3461c25fd3a5b4454e63f
SHA512

701d0e91d596ff158c4717923a5279da562597e0e7a974adec6ce26a0647954d8cb13b13440f5a97faba176fca7ea657e045034d24006fe2d919d4559811a07f
SSDEEP

192:myJypybUAnwuwiwONfVQ7uiUay+zm7mfmvKaI7TXH79lUgQDUcM8HhHhHEhD7XDC:zIobUASoF6OvKaI/12FFEhDcu6OvKaoj

Score

7^/10

antivm defense_evasion discovery execution linux persistence privilege_escalatio

Malware Config

Targets

- Target
  
  bins.sh
- Size
  
  10KB
- MD5
  
  44dbdf99e6e4adb46218f00c0a9b4062
- SHA1
  
  6179b5866f487612dcd78a791cb78ed5096f3e28
- SHA256
  
  91f347e4dbea2b9e58273e262a94e7b0198f795050e3461c25fd3a5b4454e63f
- SHA512
  
  701d0e91d596ff158c4717923a5279da562597e0e7a974adec6ce26a0647954d8cb13b13440f5a97faba176fca7ea657e045034d24006fe2d919d4559811a07f
- SSDEEP
  
  192:myJypybUAnwuwiwONfVQ7uiUay+zm7mfmvKaI7TXH79lUgQDUcM8HhHhHEhD7XDC:zIobUASoF6OvKaI/12FFEhDcu6OvKaoj
Score

7^/10

defense_evasion discovery execution persistence privilege_escalatio antivm
- File and Directory Permissions Modification
  Adversaries may modify file or directory permissions to evade defenses.
  defense_evasion
- Executes dropped EXE
- Renames itself
- Creates/modifies Cron job
  Cron allows running tasks on a schedule, and is commonly used for malware persistence.
  execution persistence privilege_escalatio
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Cron

Persistence

Scheduled Task/Job

Cron

Privilege Escalation

Scheduled Task/Job

Cron

Defense Evasion

File and Directory Permissions Modification

Linux and Mac File and Directory Permissions Modification

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

Virtualization/Sandbox Evasion

System Checks

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoveryexecutionpersistenceprivilege_escalatio

behavioral2

antivmdefense_evasiondiscoveryexecutionpersistenceprivilege_escalatio

behavioral3

behavioral4