dc7aaaaaeb81239b4d180f704bc7f122e6bcc9293bf8fb4713b22f8c10a0002c

Reason

Remote task has failed: platform exec: signal: killed: 2020/11/19 16:46:37 insmod stahp.ko pid=555 receiver=10.4.0.1:44847

General

Target

1351d0681137029f9b31d3d15e3b828f
Size

37KB
MD5

1351d0681137029f9b31d3d15e3b828f
SHA1

337c808e19027b4e9a75d214059644b612421c93
SHA256

dc7aaaaaeb81239b4d180f704bc7f122e6bcc9293bf8fb4713b22f8c10a0002c
SHA512

8fbcf7a25004d4077e5fec0be1e4abcd519cd9e8ccd8d08e212295002c10f46d0e54067e5413c8033f79e6edc869267087b2f8629771ee43ea6f5ea6a5db8263

Score

6^/10

Malware Config

Signatures

Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.

System Network Configuration Discovery
T1016

Processes:

description ioc

/proc/net/maps /proc/net/maps

description	ioc
/proc/net/maps	/proc/net/maps

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

Processes:

description	ioc
/proc/24/maps	/proc/24/maps
/proc/249/maps	/proc/249/maps
/proc/cmdline/maps	/proc/cmdline/maps
/proc/160/maps	/proc/160/maps
/proc/370/maps	/proc/370/maps
/proc/479/maps	/proc/479/maps
/proc/9/maps	/proc/9/maps
/proc/driver/maps	/proc/driver/maps
/proc/16/maps	/proc/16/maps
/proc/dma/maps	/proc/dma/maps
/proc/190/maps	/proc/190/maps
/proc/561/maps	/proc/561/maps
/proc/4/maps	/proc/4/maps
/proc/version_signature/maps	/proc/version_signature/maps
/proc/33/maps	/proc/33/maps
/proc/167/maps	/proc/167/maps
/proc/443/maps	/proc/443/maps
/proc/timer_list/maps	/proc/timer_list/maps
/proc/32/maps	/proc/32/maps
/proc/164/maps	/proc/164/maps
/proc/3/maps	/proc/3/maps
/proc/softirqs/maps	/proc/softirqs/maps
/proc/191/maps	/proc/191/maps
/proc/563/maps	/proc/563/maps
/proc/mdstat/maps	/proc/mdstat/maps
/proc/8/maps	/proc/8/maps
/proc/14/maps	/proc/14/maps
/proc/157/maps	/proc/157/maps
/proc/fs/maps	/proc/fs/maps
/proc/kpageflags/maps	/proc/kpageflags/maps
/proc/30/maps	/proc/30/maps
/proc/79/maps	/proc/79/maps
/proc/mtrr/maps	/proc/mtrr/maps
/proc/stat/maps	/proc/stat/maps
/proc/163/maps	/proc/163/maps
/proc/fb/maps	/proc/fb/maps
/proc/key-users/maps	/proc/key-users/maps
/proc/execdomains/maps	/proc/execdomains/maps
/proc/kpagecgroup/maps	/proc/kpagecgroup/maps
/proc/5/maps	/proc/5/maps
/proc/154/maps	/proc/154/maps
/proc/161/maps	/proc/161/maps
/proc/562/maps	/proc/562/maps
/proc/kallsyms/maps	/proc/kallsyms/maps
/proc/13/maps	/proc/13/maps
/proc/159/maps	/proc/159/maps
/proc/302/maps	/proc/302/maps
/proc/359/maps	/proc/359/maps
/proc/	/proc/
/proc/11/maps	/proc/11/maps
/proc/21/maps	/proc/21/maps
/proc/546/maps	/proc/546/maps
/proc/6/maps	/proc/6/maps
/proc/thread-self/maps	/proc/thread-self/maps
/proc/97/maps	/proc/97/maps
/proc/114/maps	/proc/114/maps
/proc/250/maps	/proc/250/maps
/proc/564/maps	/proc/564/maps
/proc/acpi/maps	/proc/acpi/maps
/proc/buddyinfo/maps	/proc/buddyinfo/maps
/proc/partitions/maps	/proc/partitions/maps
/proc/vmallocinfo/maps	/proc/vmallocinfo/maps
/proc/29/maps	/proc/29/maps
/proc/237/maps	/proc/237/maps

./1351d0681137029f9b31d3d15e3b828f
./1351d0681137029f9b31d3d15e3b828f
1⤵
PID:562

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

1

T1016

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

Errors

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads