General
-
Target
bins.sh
-
Size
10KB
-
Sample
241128-nv5tkswnet
-
MD5
9503ab0b6526c00af56b7c1314064cc9
-
SHA1
1f140ae86223a0b7ea75fa1d8649c680e66b82ff
-
SHA256
1672c5ce52a91f3767f2eb239533fd5f2a67104391d57afdb7fecc0bf5510f11
-
SHA512
1d028790bfc0dd153d1be06af1b0a2a254e602577c9d38a4ed9e5eeab206ff5a73b2f62224a99ec3048a02431a4dcedf5ff9ca5eb984639fd15d7454e161f8c9
-
SSDEEP
192:gjHgUEjr/zsI4JBJ8tgCzzNgmsiio9ZEgUEjrvFsI4JBR89zzNg1iio9Z1:gjUK8tgePO8R
Static task
static1
Behavioral task
behavioral1
Sample
bins.sh
Resource
ubuntu1804-amd64-20240611-en
Behavioral task
behavioral2
Sample
bins.sh
Resource
debian9-armhf-20240611-en
Behavioral task
behavioral3
Sample
bins.sh
Resource
debian9-mipsbe-20240611-en
Behavioral task
behavioral4
Sample
bins.sh
Resource
debian9-mipsel-20240611-en
Malware Config
Targets
-
-
Target
bins.sh
-
Size
10KB
-
MD5
9503ab0b6526c00af56b7c1314064cc9
-
SHA1
1f140ae86223a0b7ea75fa1d8649c680e66b82ff
-
SHA256
1672c5ce52a91f3767f2eb239533fd5f2a67104391d57afdb7fecc0bf5510f11
-
SHA512
1d028790bfc0dd153d1be06af1b0a2a254e602577c9d38a4ed9e5eeab206ff5a73b2f62224a99ec3048a02431a4dcedf5ff9ca5eb984639fd15d7454e161f8c9
-
SSDEEP
192:gjHgUEjr/zsI4JBJ8tgCzzNgmsiio9ZEgUEjrvFsI4JBR89zzNg1iio9Z1:gjUK8tgePO8R
-
Contacts a large (2036) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.
-
Executes dropped EXE
-
Renames itself
-
Creates/modifies Cron job
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification
1Linux and Mac File and Directory Permissions Modification
1Virtualization/Sandbox Evasion
1System Checks
1