General

  • Target

    bins.sh

  • Size

    10KB

  • Sample

    241205-zqzybaxrep

  • MD5

    a0c68eea30de3bb3d2bacc75915ecfd1

  • SHA1

    8f799976e27eadb06194ebd7b937f9f27b5eea26

  • SHA256

    f224c3f520f57073b4178ceef68ac515abd4b85211bbffe1c74145df48f4f07a

  • SHA512

    bd8d9dfdc1f9f0bb0db5b08356666b1269b91a54ebd330a82c363982f0532efd804748f8165c77fad9d5545bf63a2f141d229fe50daf9b10ff096cb2017e63a4

  • SSDEEP

    192:ih5cLnt4OxE2qjQYLkNc2qjQYgEh5cLnD:X4OxE2qjQYLkNc2qjQYgv

Malware Config

Targets

    • Target

      bins.sh

    • Detects Xorbot

    • Xorbot

      Xorbot is a Linux botnet and trojan targeting IoT devices.

    • Xorbot family

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

MITRE ATT&CK Enterprise v15

Tasks