10e3e3e76552e191e9c880e374448c94e4d9ea8b76337345ffed3305d3b6722e | Triage

Sharing

General

Target

bins.sh
Size

10KB
Sample

241125-vlt42sxjds
MD5

ff11827cacbdfc494c394c5d8e7272db
SHA1

9acddf73007240f35b04f7fe4732d47cd0b04137
SHA256

10e3e3e76552e191e9c880e374448c94e4d9ea8b76337345ffed3305d3b6722e
SHA512

a045f1446bdb8160644c1e258d5a17327dc5d81b05bda3fddbe70b00007d6b63363d4b98f10a9c1fbcdf87befe5a73a543a4e0f7728feae5ad0e053384968958
SSDEEP

192:JBVtKqN2M/XoDM9VR9/9d9k9I9NGjOHBVtKq8sXU9VR9/9d9k9I9Ton:t2MfoDM9X9/9d9k9I9NG6m2U9X9/9d9y

Score

7^/10

antivm defense_evasion discovery execution linux persistence privilege_escalatio

Malware Config

Targets

- Target
  
  bins.sh
- Size
  
  10KB
- MD5
  
  ff11827cacbdfc494c394c5d8e7272db
- SHA1
  
  9acddf73007240f35b04f7fe4732d47cd0b04137
- SHA256
  
  10e3e3e76552e191e9c880e374448c94e4d9ea8b76337345ffed3305d3b6722e
- SHA512
  
  a045f1446bdb8160644c1e258d5a17327dc5d81b05bda3fddbe70b00007d6b63363d4b98f10a9c1fbcdf87befe5a73a543a4e0f7728feae5ad0e053384968958
- SSDEEP
  
  192:JBVtKqN2M/XoDM9VR9/9d9k9I9NGjOHBVtKq8sXU9VR9/9d9k9I9Ton:t2MfoDM9X9/9d9k9I9NG6m2U9X9/9d9y
Score

7^/10

defense_evasion discovery execution persistence privilege_escalatio antivm
- File and Directory Permissions Modification
  Adversaries may modify file or directory permissions to evade defenses.
  defense_evasion
- Executes dropped EXE
- Renames itself
- Creates/modifies Cron job
  Cron allows running tasks on a schedule, and is commonly used for malware persistence.
  execution persistence privilege_escalatio
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Cron

Persistence

Scheduled Task/Job

Cron

Privilege Escalation

Scheduled Task/Job

Cron

Defense Evasion

File and Directory Permissions Modification

Linux and Mac File and Directory Permissions Modification

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

Virtualization/Sandbox Evasion

System Checks

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoveryexecutionpersistenceprivilege_escalatio

behavioral2

antivmdefense_evasiondiscoveryexecutionpersistenceprivilege_escalatio

behavioral3

defense_evasiondiscoveryexecutionpersistenceprivilege_escalatio

behavioral4

defense_evasiondiscoveryexecutionpersistenceprivilege_escalatio