05451bb9b9c298b3bb4f006e7219a80264d01de63b7f703d2cad42e3a1b9b328

Analysis

max time kernel
0s
max time network
102s
platform
linux_amd64
resource
ubuntu1804-amd64-en-20211208
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
09-09-2022 08:11

Target

05451bb9b9c298b3bb4f006e7219a80264d01de63b7f703d2cad42e3a1b9b328.elf
Size

2.9MB
MD5

4484cbbb8b84035272ee72dc2fba1e7c
SHA1

e28017e07705ff507e05c7c56a6bc811a445e3a5
SHA256

05451bb9b9c298b3bb4f006e7219a80264d01de63b7f703d2cad42e3a1b9b328
SHA512

aa78813d23f7f58eb2f7c63fcddf19fcb839f88af11807b30fafd08315c8c4a22c2fe6f649e02dbc1c44babfec22e09eb2d1cd138c9350520ce16db8e6ede2ea
SSDEEP

49152:e9SJKUHYY91nB4OxeciVwBKfgY7PFsVE22a1:cS2k2BN

Score

5^/10

Enumerates kernel/hardware configuration 1 TTPs 1 IoCs

Reads contents of /sys virtual filesystem to enumerate system information.

System Information Discovery

description	ioc	Process
/sys/kernel/mm/transparent_hugepage/hpage_pmd_size	/sys/kernel/mm/transparent_hugepage/hpage_pmd_size	05451bb9b9c298b3bb4f006e7219a80264d01de63b7f703d2cad42e3a1b9b328.elf

/tmp/05451bb9b9c298b3bb4f006e7219a80264d01de63b7f703d2cad42e3a1b9b328.elf
/tmp/05451bb9b9c298b3bb4f006e7219a80264d01de63b7f703d2cad42e3a1b9b328.elf
1⤵
- Enumerates kernel/hardware configuration
PID:571

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact