General
-
Target
bins.sh
-
Size
10KB
-
Sample
241130-jfs41sylat
-
MD5
7f8d56359d16cf11a89348faee5e8201
-
SHA1
0175abd21fe3c193a9619f45bb01b07de596ed7b
-
SHA256
ed0eda682b342a2cc9ff34ff241ded67de3d2b00410ee13b0ea98a4f55eefffb
-
SHA512
208a0a3b03e45bf4e566787cce8a23d9d343f1c0d9fbd6b480f4a551bc7c9e23eaf92e50303725d62657a53c4352b641c10a70cf39178f1f36d2413d887b586b
-
SSDEEP
96:Y40TL5L5n5abqAHLPjZLqifWGTD3DLDcR5ZUuAu8uC5ZJxpr4XqiRuA8iL8AN5/Y:A/kZaq4B3R1irzs9o47R1irzeQ
Malware Config
Targets
-
-
Target
bins.sh
-
Size
10KB
-
MD5
7f8d56359d16cf11a89348faee5e8201
-
SHA1
0175abd21fe3c193a9619f45bb01b07de596ed7b
-
SHA256
ed0eda682b342a2cc9ff34ff241ded67de3d2b00410ee13b0ea98a4f55eefffb
-
SHA512
208a0a3b03e45bf4e566787cce8a23d9d343f1c0d9fbd6b480f4a551bc7c9e23eaf92e50303725d62657a53c4352b641c10a70cf39178f1f36d2413d887b586b
-
SSDEEP
96:Y40TL5L5n5abqAHLPjZLqifWGTD3DLDcR5ZUuAu8uC5ZJxpr4XqiRuA8iL8AN5/Y:A/kZaq4B3R1irzs9o47R1irzeQ
Score10/10-
Detects Xorbot
-
Xorbot
Xorbot is a linux botnet and trojan targeting IoT devices.
-
Xorbot family
-
File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.
-
Executes dropped EXE
-
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification
1Linux and Mac File and Directory Permissions Modification
1Virtualization/Sandbox Evasion
1System Checks
1