0079a171e5d364961189da82dcf8fcaa27141fde105609f07805a7ee0f301baa

Analysis

max time kernel
129s
max time network
131s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20231215-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20231215-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
23/12/2023, 21:36

Target

f5ab886589558a8a265c216f6754d1477c19ca46d8ed4d57a1ee975c590e4aab.elf
Size

13.5MB
MD5

ff32a69075d9eb59ea5d25207d3ee775
SHA1

dbc9437cb2ee4540d989e5309589ea011a5637d9
SHA256

f5ab886589558a8a265c216f6754d1477c19ca46d8ed4d57a1ee975c590e4aab
SHA512

08cb79e4c9d62abcb5e116c17a11a8ffd3e741a94f5da871adf78aceac65d2f4afc30390a51f5535d723f8fe236fa27ae2304a552db1526f61479456df3c867a
SSDEEP

98304:2xRODFNiqU0uXvwUsNJs7ddHIEL6UwSgWEP19b4nY8W:2xROrhAvwXIn6UwSgTPEnYJ

Score

3^/10

Enumerates kernel/hardware configuration 1 TTPs 1 IoCs

Reads contents of /sys virtual filesystem to enumerate system information.

System Information Discovery

description	ioc	Process
File opened for reading	/sys/kernel/mm/transparent_hugepage/hpage_pmd_size	f5ab886589558a8a265c216f6754d1477c19ca46d8ed4d57a1ee975c590e4aab.elf

/tmp/f5ab886589558a8a265c216f6754d1477c19ca46d8ed4d57a1ee975c590e4aab.elf
/tmp/f5ab886589558a8a265c216f6754d1477c19ca46d8ed4d57a1ee975c590e4aab.elf
1⤵
- Enumerates kernel/hardware configuration
PID:1532

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact