adbee9d5003c4e21a0c810567fba17f3185eb136fc39b012975263f32c5e90a9

Resubmissions

03/10/2023, 09:53

231003-lwn64sbf24 3

03/10/2023, 09:51

231003-lvwvkahf8z 3

Analysis

max time kernel
3s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20230831-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20230831-enkernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
03/10/2023, 09:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

adbee9d5003c4e21a0c810567fba17f3185eb136fc39b012975263f32c5e90a9
Size

70.9MB
MD5

b221589ab1ab44651234e6a8ccf8bcd8
SHA1

f0c4dd8ab9b728e023a644368afb20e719a37030
SHA256

adbee9d5003c4e21a0c810567fba17f3185eb136fc39b012975263f32c5e90a9
SHA512

cf8188ccbcfa37515cd476462e47bc70edd221396d75d15090081493aa41157ef6ad58b75ec94549548c4e1eba33c38c56efb68db92733f75242b32c11ea589c
SSDEEP

393216:7z3F1HLDPzxc5gx67Z4e3GnwWopUol0KvfUP98ACsOtk:3V1HLBc5gxW36qpxnU

Score

3^/10

Malware Config

Signatures

Enumerates kernel/hardware configuration 1 TTPs 1 IoCs

Reads contents of /sys virtual filesystem to enumerate system information.

System Information Discovery

T1082

description	ioc	Process
File opened for reading	/sys/kernel/mm/transparent_hugepage/enabled	adbee9d5003c4e21a0c810567fba17f3185eb136fc39b012975263f32c5e90a9

Reads runtime system information 2 IoCs

Reads data from /proc virtual filesystem.

description	ioc	Process
File opened for reading	/proc/sys/vm/overcommit_memory	adbee9d5003c4e21a0c810567fba17f3185eb136fc39b012975263f32c5e90a9
File opened for reading	/proc/self/maps	adbee9d5003c4e21a0c810567fba17f3185eb136fc39b012975263f32c5e90a9

/tmp/adbee9d5003c4e21a0c810567fba17f3185eb136fc39b012975263f32c5e90a9
/tmp/adbee9d5003c4e21a0c810567fba17f3185eb136fc39b012975263f32c5e90a9
1⤵
- Enumerates kernel/hardware configuration
- Reads runtime system information
PID:608

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads