9bacc4a2e4f07a899a123e8d9bfaba7ba142626c89dfb536a5389ef6ac60e5b6

Analysis

max time kernel
4s
platform
linux_amd64
resource
ubuntu1804-amd64-en-20211208
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
26/07/2023, 17:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9bacc4a2e4f07a899a123e8d9bfaba7ba142626c89dfb536a5389ef6ac60e5b6.bin
Size

4.5MB
MD5

9246a3e8f750cec3d58d10d468c2080c
SHA1

da83c093dfc30693bada64265eea9f7db9293d8e
SHA256

9bacc4a2e4f07a899a123e8d9bfaba7ba142626c89dfb536a5389ef6ac60e5b6
SHA512

ea54772e735070b83adffecd7ec07068af8c3afd407b15051a5145cb742393877ddca8c85db52b2f533978d421b4625c61727bdf15bb8e7b370b0c3d7e3a7036
SSDEEP

49152:vIPweIRiyshXMrzNEwVzZbW9teAJTwu7dXLcK/tCZ2kZLKYDsf8GulV4dkotl7qq:4TiNEYb0TwAXYKFCNLjDMM/i

Score

3^/10

Malware Config

Signatures

Enumerates kernel/hardware configuration 1 TTPs 1 IoCs

Reads contents of /sys virtual filesystem to enumerate system information.

System Information Discovery

T1082

description	ioc	Process
File opened for reading	/sys/kernel/mm/transparent_hugepage/hpage_pmd_size	9bacc4a2e4f07a899a123e8d9bfaba7ba142626c89dfb536a5389ef6ac60e5b6.bin

/tmp/9bacc4a2e4f07a899a123e8d9bfaba7ba142626c89dfb536a5389ef6ac60e5b6.bin
/tmp/9bacc4a2e4f07a899a123e8d9bfaba7ba142626c89dfb536a5389ef6ac60e5b6.bin
1⤵
- Enumerates kernel/hardware configuration
PID:574

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Windows 7 deprecation

Loading Replay Monitor...