Overview

overview

10

Static

static

1

bins.sh

ubuntu-18.04-amd64

3

bins.sh

debian-9-armhf

4

bins.sh

debian-9-mips

3

bins.sh

debian-9-mipsel

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241130-dfkvraylgz

  • MD5

    a454322a1daf50c15bbf98f7e4481063

  • SHA1

    7f104689164588c56c2caebfabbf11da9362fdcc

  • SHA256

    330f61b8a22a5266f4cf6af534521ba9f6bdb8f95532456ef7efec343e9b81ca

  • SHA512

    2c5075936f326b2fbf1f8914ba511911c7cfdac6dd95a4f046ab3e0ca0b2f7dfba884e358cd050d635a1be60b4d28942b6ec4d72d66c68586be39a85c47801b2

  • SSDEEP

    192:xaz+mxoc2p7bORV7019NIZS+p+mxocAo7bORVw194:0z+mxoc2p7bORV7yIZSE+mxocAo7bOR9

Score
10/10
xorbotantivmbotnetdefense_evasiondiscoverylinuxtrojan

Malware Config

Targets

    • Target

      bins.sh

    • Size

      10KB

    • MD5

      a454322a1daf50c15bbf98f7e4481063

    • SHA1

      7f104689164588c56c2caebfabbf11da9362fdcc

    • SHA256

      330f61b8a22a5266f4cf6af534521ba9f6bdb8f95532456ef7efec343e9b81ca

    • SHA512

      2c5075936f326b2fbf1f8914ba511911c7cfdac6dd95a4f046ab3e0ca0b2f7dfba884e358cd050d635a1be60b4d28942b6ec4d72d66c68586be39a85c47801b2

    • SSDEEP

      192:xaz+mxoc2p7bORV7019NIZS+p+mxocAo7bORVw194:0z+mxoc2p7bORV7yIZSE+mxocAo7bOR9

    Score
    10/10
    discoveryantivmxorbotbotnetdefense_evasiontrojan

    • Detects Xorbot

      botnettrojan

    • Xorbot

      Xorbot is a linux botnet and trojan targeting IoT devices.

      botnettrojanxorbot

    • Xorbot family

      xorbot

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

      defense_evasion

    • Executes dropped EXE

    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks