General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241202-n3qdvsykek

  • MD5

    76ba94435ced18162e80667193f2be3d

  • SHA1

    c4b716bb58b39a008d3bcd886deb02c1570831e6

  • SHA256

    6e025b2263805a84813cfadbec8d8c7597c3bf982fbd607227aa5d414fcb7f3d

  • SHA512

    528dea460c90468ff2e16fd04cf86c314c358ff016f996d459ffda1d2b3c3d8f0bfa6aa411162979fb929c4eeca56b70ca4f7903bbd994f5ba22041e8854ca58

  • SSDEEP

    192:FJf/fHfgf1fxf7F41556fzLF1DLf6RxizA7AYhy/+SEAYhy/+SLf6RxiK1M556f9:FCF4CF1DLf6RxKA7AYhy/+SEAYhy/+SM

Targets

    • Target

      bins.sh

    • Detects Xorbot

    • Xorbot

      Xorbot is a Linux botnet and trojan targeting IoT devices.

    • Xorbot family

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE
