4c355a35b6c7caa2f604c110086f4295d6493ef276f8d4ef082f6f44e76c58ee

Resubmissions

28-07-2022 16:32

220728-t19ydahhgn 10

25-07-2022 13:42

220725-qznrzaefar 5

Analysis

max time kernel
0s
max time network
121s
platform
linux_amd64
resource
ubuntu1804-amd64-en-20211208
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
28-07-2022 16:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

merlinAgent-default-Linux-x64
Size

8.5MB
MD5

cae5a8534f74b4e950f707907f5f9b23
SHA1

4c93540751d2cb909b89f1ed002497065880413b
SHA256

4c355a35b6c7caa2f604c110086f4295d6493ef276f8d4ef082f6f44e76c58ee
SHA512

54f8c63c4c2f05ee3a3b24a31cb455b8b7e2f5e96850d6b3da93c5e571c85cdd563dd4961d55dac5d9738e443ebcf90b4b69b20a8e16fe5afc37473f23df7965

Score

5^/10

Malware Config

Signatures

Enumerates kernel/hardware configuration 1 TTPs 1 IoCs

Reads contents of /sys virtual filesystem to enumerate system information.

System Information Discovery

T1082

Processes:

merlinAgent-default-Linux-x64

description	ioc	process
/sys/kernel/mm/transparent_hugepage/hpage_pmd_size	/sys/kernel/mm/transparent_hugepage/hpage_pmd_size	merlinAgent-default-Linux-x64

/tmp/merlinAgent-default-Linux-x64
/tmp/merlinAgent-default-Linux-x64
1⤵
- Enumerates kernel/hardware configuration
PID:571

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads