Analysis
max time kernel: 0s
max time network: 150s
platform: linux_amd64
resource: ubuntu1804-amd64-en-20211208
resource tags: arch:amd64, arch:i386, image:ubuntu1804-amd64-en-20211208, kernel:4.15.0-161-generic, locale:en-us, os:ubuntu-18.04-amd64, system
submitted: 08-08-2022 22:49
Static task: static1
Behavioral task: behavioral1
Sample: HTTPSAgent_Lin_amd64_Intel
Resource: ubuntu1804-amd64-en-20211208, ubuntu-18.04-amd64
1 signatures
150 seconds
General
Target: HTTPSAgent_Lin_amd64_Intel
Size: 7.2MB
MD5: 722942117c31a555ef2fdecc2699ac4e
SHA1: d4220a487016f17d6c7232cab6e8003f73c88f7e
SHA256: 87fe0926310ec7769b2930c3046ec1f9c8465525e84bd43a4f7c3477815298ac
SHA512: fe57ec127c6eb6d3efd3142178e4b883f8e5599a380434b9f525c145a97636c95a17b5a483b934cc89731a6edb961cd821e6b0b46d859d00c581c4d6d0b04f5b
Score: 5/10
Malware Config
Signatures
Enumerates kernel/hardware configuration (1 TTPs, 1 IoCs)
Reads contents of /sys virtual filesystem to enumerate system information.
Processes: HTTPSAgent_Lin_amd64_Intel
description | ioc | process
/sys/kernel/mm/transparent_hugepage/hpage_pmd_size | /sys/kernel/mm/transparent_hugepage/hpage_pmd_size | HTTPSAgent_Lin_amd64_Intel
Processes
- /tmp/HTTPSAgent_Lin_amd64_Intel | /tmp/HTTPSAgent_Lin_amd64_Intel | 1
  - Enumerates kernel/hardware configuration
- /bin/bash | /bin/bash -c "awk -F'=' '/^ID=/ {print \$2}' /etc/os-release | tr -d '\"'" | 2
- /usr/bin/awk | awk "-F=" "/^ID=/ {print \$2}" /etc/os-release | 3
- /usr/bin/tr | tr -d "\"" | 3
- /bin/bash | /bin/bash -c "awk -F'=' '/^VERSION_ID=/ {print \$2}' /etc/os-release | tr -d '\"'" | 1
- /usr/bin/awk | awk "-F=" "/^VERSION_ID=/ {print \$2}" /etc/os-release | 2
- /usr/bin/tr | tr -d "\"" | 2