General
-
Target
bins.sh
-
Size
10KB
-
Sample
241129-1vvptsykaz
-
MD5
a5da61eaff3ea0e56e811a2643d0d7f2
-
SHA1
bf0f2e6d31d0c33d4e4c1a38cd38ef56353ac6ba
-
SHA256
133705d1dad507e910f0e58c174967bb9ca9f06ff834c9be314b657cba0e2043
-
SHA512
5cb3f1090a5aec83c6beb71d6509bf359a6879ebc4179c89dc10c835beec6e578993d141fbd8a3a979c77d2f4dc23838af55bd202becb624dee2ac8fadf1cdd3
-
SSDEEP
192:TwsPjwjdlmSl9kT/vmBMWdlLl9kT/u6fPjz:TwsPjwu9mBhkPjz
Malware Config
Targets
-
-
Target
bins.sh
-
Size
10KB
-
MD5
a5da61eaff3ea0e56e811a2643d0d7f2
-
SHA1
bf0f2e6d31d0c33d4e4c1a38cd38ef56353ac6ba
-
SHA256
133705d1dad507e910f0e58c174967bb9ca9f06ff834c9be314b657cba0e2043
-
SHA512
5cb3f1090a5aec83c6beb71d6509bf359a6879ebc4179c89dc10c835beec6e578993d141fbd8a3a979c77d2f4dc23838af55bd202becb624dee2ac8fadf1cdd3
-
SSDEEP
192:TwsPjwjdlmSl9kT/vmBMWdlLl9kT/u6fPjz:TwsPjwu9mBhkPjz
Score10/10-
Detects Xorbot
-
Xorbot
Xorbot is a linux botnet and trojan targeting IoT devices.
-
Xorbot family
-
File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.
-
Executes dropped EXE
-
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification
1Linux and Mac File and Directory Permissions Modification
1Virtualization/Sandbox Evasion
1System Checks
1