0fa72e1644ed30436844eafc53c3003f0de056d68953673e0b5600099d0b5b8f

Analysis

max time kernel
6s
max time network
133s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20231215-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20231215-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
16-01-2024 23:43

Target

612c7cd843a5f35d992f18d93b638087
Size

4.5MB
MD5

612c7cd843a5f35d992f18d93b638087
SHA1

35177a0c5a2dd3dcc69cfb0792b2b3679c6d67c5
SHA256

0fa72e1644ed30436844eafc53c3003f0de056d68953673e0b5600099d0b5b8f
SHA512

dca71435ac4219ba8d9c0c210c0fdacb4bac941da7e9bfa6d0a2a72d30c96959f5776b47b3ebea770d66997a111a962f86e7910373ba4a0223decc521129fe17
SSDEEP

49152:0QJ+T5IdMTcdjqxWryAxDZbzI7DDq4QwhVvhpRV4FkEd1rdHjw1Gjg+AR:0QJ+GmcdByAxDZzOp0W+A

Score

3^/10

Enumerates kernel/hardware configuration 1 TTPs 1 IoCs
Reads contents of /sys virtual filesystem to enumerate system information.

System Information Discovery
T1082

Processes:

612c7cd843a5f35d992f18d93b638087

description ioc process

File opened for reading /sys/kernel/mm/transparent_hugepage/hpage_pmd_size 612c7cd843a5f35d992f18d93b638087

description	ioc	process
File opened for reading	/sys/kernel/mm/transparent_hugepage/hpage_pmd_size	612c7cd843a5f35d992f18d93b638087

/tmp/612c7cd843a5f35d992f18d93b638087
/tmp/612c7cd843a5f35d992f18d93b638087
1⤵
- Enumerates kernel/hardware configuration
PID:1581

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact