0e7c96a22e3612c68866a8693cc583df95972d3444978ce163c024a45682133a | Triage

Analysis

max time kernel
0s
max time network
103s
platform
linux_amd64
resource
ubuntu1804-amd64-en-20211208
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
09-08-2022 23:51

Sharing

Report Analysis Logs

General

Target

exploit
Size

4.2MB
MD5

2772b34861b765d9494561527efb41f5
SHA1

68e6efb2f405919cb5bd6a7a54a02d0f16b7b6ec
SHA256

0e7c96a22e3612c68866a8693cc583df95972d3444978ce163c024a45682133a
SHA512

560016a309423bbeebc25b055ea5b6ea6fff9588988962d660471eabc316c8694bcdce33a3a31378a6b9c9e3b8d8129d18e907c324bc6a47646b21368af08cae

Score

5^/10

Malware Config

Signatures

Enumerates kernel/hardware configuration 1 TTPs 1 IoCs
Reads contents of /sys virtual filesystem to enumerate system information.

System Information Discovery
T1082

Processes:

exploit

description ioc process

/sys/kernel/mm/transparent_hugepage/hpage_pmd_size /sys/kernel/mm/transparent_hugepage/hpage_pmd_size exploit

/tmp/exploit
/tmp/exploit
1⤵
- Enumerates kernel/hardware configuration
PID:576

/usr/bin/pkexec
1⤵
PID:576

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...