8411b821db59fa7306c75cb20cc3e3d51bc58c7d0ab3227ef3250a8abc06260b

Resubmissions

28-07-2022 16:32

220728-t14flahhgl 10

25-07-2022 13:40

220725-qyjfvsefam 5

Analysis

max time kernel
0s
platform
linux_amd64
resource
ubuntu1804-amd64-en-20211208
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
28-07-2022 16:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

merlinAgent-custom-Linux-x64
Size

8.5MB
MD5

b6979cbbb6d8db0b796ccfa8a6c62db8
SHA1

925874842156f42f76ec4efa63b26380856680a3
SHA256

8411b821db59fa7306c75cb20cc3e3d51bc58c7d0ab3227ef3250a8abc06260b
SHA512

e8d04da7c3585dc390eb3b5a734d83ebf35d2e9d8529edaedb8829277efa70d57087af64d6bdadb9b29f9a995defd693efa6b3a71e924d98100da7f8518e92c6

Score

5^/10

Malware Config

Signatures

Enumerates kernel/hardware configuration 1 TTPs 1 IoCs

Reads contents of /sys virtual filesystem to enumerate system information.

System Information Discovery

T1082

Processes:

merlinAgent-custom-Linux-x64

description	ioc	process
/sys/kernel/mm/transparent_hugepage/hpage_pmd_size	/sys/kernel/mm/transparent_hugepage/hpage_pmd_size	merlinAgent-custom-Linux-x64

/tmp/merlinAgent-custom-Linux-x64
/tmp/merlinAgent-custom-Linux-x64
1⤵
- Enumerates kernel/hardware configuration
PID:581

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix ATT&CK v6

Replay Monitor

Loading Replay Monitor...

Downloads