Overview

overview

10

Static

static

1

bins.sh

ubuntu-18.04-amd64

3

bins.sh

debian-9-armhf

4

bins.sh

debian-9-mips

10

bins.sh

debian-9-mipsel

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241201-yps8pszpbx

  • MD5

    8ae54f0e0f74b5a181db92d49daa45e7

  • SHA1

    b918cd3ab6ac9947b2385bcbfb5eaaca0c8fe441

  • SHA256

    31285c2fc7a4946bbe369644a0f91c5a117506470e6a23c836ac6552453886ab

  • SHA512

    6015f204ecece96a555b142815f0ac7d1f538069d33fa58468d9ca789becaff424727f6ea4815c8fd9a8e67aa0efb80921b8a089bb9623846035fe6304de4cf6

  • SSDEEP

    96:YZxN+79+79+7p7m7iYLrvPjzPARLueaUb3jl7XgLRJJqikj/nLHb0okHBXJBUxtx:NyydMfnARWKSaehyydMjEO

Score
10/10
xorbotantivmbotnetdefense_evasiondiscoverylinuxtrojan

Malware Config

Targets

    • Target

      bins.sh

    • Size

      10KB

    • MD5

      8ae54f0e0f74b5a181db92d49daa45e7

    • SHA1

      b918cd3ab6ac9947b2385bcbfb5eaaca0c8fe441

    • SHA256

      31285c2fc7a4946bbe369644a0f91c5a117506470e6a23c836ac6552453886ab

    • SHA512

      6015f204ecece96a555b142815f0ac7d1f538069d33fa58468d9ca789becaff424727f6ea4815c8fd9a8e67aa0efb80921b8a089bb9623846035fe6304de4cf6

    • SSDEEP

      96:YZxN+79+79+7p7m7iYLrvPjzPARLueaUb3jl7XgLRJJqikj/nLHb0okHBXJBUxtx:NyydMfnARWKSaehyydMjEO

    Score
    10/10
    discoveryantivmxorbotbotnettrojandefense_evasion

    • Detects Xorbot

      botnettrojan

    • Xorbot

      Xorbot is a linux botnet and trojan targeting IoT devices.

      botnettrojanxorbot

    • Xorbot family

      xorbot

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

      defense_evasion

    • Executes dropped EXE

    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks