General
-
Target
bins.sh
-
Size
10KB
-
Sample
241125-pg389swmb1
-
MD5
a11f92e48c1efd2e63aed95cbe04af94
-
SHA1
c2de2f9e256ef84ee067c9211d373059fed96d1b
-
SHA256
6635e19968c3d0cdf14b07796a656dfe56415c8586c44aa8e509c937b5245b32
-
SHA512
78df94801ccc2831ce184b9de6a62ea70331f41cfcd9f7b112900401710d5623f4c862a1e52859316e626b608feed0c5d79fd2377d3ac8a12c2563c8365a572a
-
SSDEEP
192:JIc+rDhaJ8N5Lyyp1p/bLZ1Ic+rDK1peN5Lyy+G:6aJM1p/blR1pa
Malware Config
Targets
-
-
Target
bins.sh
-
Size
10KB
-
MD5
a11f92e48c1efd2e63aed95cbe04af94
-
SHA1
c2de2f9e256ef84ee067c9211d373059fed96d1b
-
SHA256
6635e19968c3d0cdf14b07796a656dfe56415c8586c44aa8e509c937b5245b32
-
SHA512
78df94801ccc2831ce184b9de6a62ea70331f41cfcd9f7b112900401710d5623f4c862a1e52859316e626b608feed0c5d79fd2377d3ac8a12c2563c8365a572a
-
SSDEEP
192:JIc+rDhaJ8N5Lyyp1p/bLZ1Ic+rDK1peN5Lyy+G:6aJM1p/blR1pa
Score7/10-
File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.
-
Executes dropped EXE
-
Renames itself
-
Creates/modifies Cron job
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification
1Linux and Mac File and Directory Permissions Modification
1Virtualization/Sandbox Evasion
1System Checks
1