General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241127-xlxahsvrg1

  • MD5

    c1c8c035278eb76ed49fd84848135d44

  • SHA1

    0d72719d26b3a64de00341c6e9868ed5a06be730

  • SHA256

    f47ef54aff0b25f7580f5de036ba7b729ae8027b6994001f189abb2fa3f185ac

  • SHA512

    55ba4127e2b9114d7c86f2359ca37030480a51ee71b1fae23463f8547715117b002149af1b6f2c14e52bad534c2ac4ecaeabfb3f8b5f63bd48ce40da77d0c9d7

  • SSDEEP

    192:r7D4rP3Y4uMQApBKdEM0hVQIMQYlFC4UMQYlFCWEM0hVIQrP3Y4TMQApB7:r/ZfRj

Targets

    • Target

      bins.sh

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
