General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241129-1vvptsykaz

  • MD5

    a5da61eaff3ea0e56e811a2643d0d7f2

  • SHA1

    bf0f2e6d31d0c33d4e4c1a38cd38ef56353ac6ba

  • SHA256

    133705d1dad507e910f0e58c174967bb9ca9f06ff834c9be314b657cba0e2043

  • SHA512

    5cb3f1090a5aec83c6beb71d6509bf359a6879ebc4179c89dc10c835beec6e578993d141fbd8a3a979c77d2f4dc23838af55bd202becb624dee2ac8fadf1cdd3

  • SSDEEP

    192:TwsPjwjdlmSl9kT/vmBMWdlLl9kT/u6fPjz:TwsPjwu9mBhkPjz

Targets

    • Detects Xorbot

    • Xorbot

      Xorbot is a Linux botnet and trojan targeting IoT devices.

    • Xorbot family

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE
