76ad597f019cf8bf5da37854c89bfce4df504114f6f065ce6ab47627c5c3ec44 | Triage

Analysis

max time kernel
0s
max time network
103s
platform
linux_amd64
resource
ubuntu1804-amd64-en-20211208
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
23-08-2022 00:28

Sharing

Report Analysis Logs

General

Target

dontkillme
Size

5.2MB
MD5

3fa918b48914bc792a3ee675dd0f7c82
SHA1

07276151b416682c90e9b32e4c049f63220849d4
SHA256

d68fa9e9187a8d0021b61b57d5f963fd7f6e15f5867f0caf7d7b8cb5d0f51778
SHA512

579414a5e5a8c78c06da76933cc77f797236004568a1bed22222ef55bdd79c86787d0d4b958f70850d38beb9a2fcdd42a7dd400bc038ce3f57e59e3284042fd4

Score

5^/10

Malware Config

Signatures

Enumerates kernel/hardware configuration 1 TTPs 1 IoCs
Reads contents of /sys virtual filesystem to enumerate system information.

System Information Discovery
T1082

Processes:

dontkillme

description ioc process

/sys/devices/system/cpu /sys/devices/system/cpu dontkillme

/tmp/dontkillme
/tmp/dontkillme
1⤵
- Enumerates kernel/hardware configuration
PID:581

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads