General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241205-trxlpayjhr

  • MD5

    2e89328dd47bdf779a65ec42a40efdad

  • SHA1

    2b1f270c39594c6ade4c0d4282c0d0bbadbef5b3

  • SHA256

    5081e4154c030832c2a38b95d701292aa74f839b29c9ee19bb69980624d7e208

  • SHA512

    8c89741879165ae5a709fc03ed29dd6933d2a4c9c98e137e7c1a6b2b7e35bc317153c822f2b4ed953789750f88ffd71fc75664dc1a62dcd83afa4c3adaf98faf

  • SSDEEP

    96:YAUAYAwX/M5RHV1iUFlTwko9LfzFb6x6p6/OWPkQ6QyQCJlTX+YX+UX+Ks+HKKfQ:0Vl6qXL2FlfESf3bEfnXL2Flnf33j

Malware Config

Targets

    • Target

      bins.sh

    • Size

      10KB

    • MD5

      2e89328dd47bdf779a65ec42a40efdad

    • SHA1

      2b1f270c39594c6ade4c0d4282c0d0bbadbef5b3

    • SHA256

      5081e4154c030832c2a38b95d701292aa74f839b29c9ee19bb69980624d7e208

    • SHA512

      8c89741879165ae5a709fc03ed29dd6933d2a4c9c98e137e7c1a6b2b7e35bc317153c822f2b4ed953789750f88ffd71fc75664dc1a62dcd83afa4c3adaf98faf

    • SSDEEP

      96:YAUAYAwX/M5RHV1iUFlTwko9LfzFb6x6p6/OWPkQ6QyQCJlTX+YX+UX+Ks+HKKfQ:0Vl6qXL2FlfESf3bEfnXL2Flnf33j

    • Detects Xorbot

    • Xorbot

      Xorbot is a linux botnet and trojan targeting IoT devices.

    • Xorbot family

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

MITRE ATT&CK Enterprise v15

Tasks