8a84dc2a9a06b1fae0dd16765509f88f6f54559c36d4353fd040d02d4563f703

Analysis

max time kernel
0s
max time network
146s
platform
linux_amd64
resource
ubuntu1804-amd64-en-20211208
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
20/03/2023, 16:57

Target

8a84dc2a9a06b1fae0dd16765509f88f6f54559c36d4353fd040d02d4563f703.elf
Size

4.5MB
MD5

7dd8eda023828cdd4618ac9b1dd2cef8
SHA1

72df9015e7ed44393e4fa4c49f299276a3f5b26c
SHA256

8a84dc2a9a06b1fae0dd16765509f88f6f54559c36d4353fd040d02d4563f703
SHA512

4a9c0474e9720029c156330aed6528f8576054bd46f9f0852f4bbe13626daea68eccc3463b22171878f956ff164629d995d39b5ef877da7f66aa5fccba1410fb
SSDEEP

49152:N8+l3zf6rePEIrb/TgvO90dL3BmAFd4A64nsfJzNPFbqN/tIOQEupItmmUxrb0kn:N8zeZN0N/J6ePkxrrWkruE

Score

5^/10

Enumerates kernel/hardware configuration 1 TTPs 1 IoCs

Reads contents of /sys virtual filesystem to enumerate system information.

System Information Discovery

description	ioc	Process
/sys/kernel/mm/transparent_hugepage/hpage_pmd_size	/sys/kernel/mm/transparent_hugepage/hpage_pmd_size	8a84dc2a9a06b1fae0dd16765509f88f6f54559c36d4353fd040d02d4563f703.elf

/tmp/8a84dc2a9a06b1fae0dd16765509f88f6f54559c36d4353fd040d02d4563f703.elf
/tmp/8a84dc2a9a06b1fae0dd16765509f88f6f54559c36d4353fd040d02d4563f703.elf
1⤵
- Enumerates kernel/hardware configuration
PID:580

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact