82e560a078cd7bb4472d5af832a04c4bc8f1001bac97b1574efe9863d3f66550

Resubmissions

21-02-2024 19:59

240221-yqmsbafb69 10

27-02-2023 15:10

230227-sj843seb89 1

27-06-2021 20:55

210627-2nsmat5hex 10

Analysis

max time kernel
0s
max time network
133s
platform
ubuntu-20.04_amd64
resource
ubuntu2004-amd64-20240221-en
resource tags

arch:amd64arch:i386image:ubuntu2004-amd64-20240221-enkernel:5.4.0-169-genericlocale:en-usos:ubuntu-20.04-amd64system
submitted
21-02-2024 19:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e_nas_x86.out
Size

2.0MB
MD5

1453c8123be53bf4458b1a8e7e54ddbb
SHA1

a1064f1393e4d548c27f1a4b5fb1a5cf9f5267e7
SHA256

e505b24de50b14aed35cf40725dc0185cab06fed90269d445ec7a4b36de124b6
SHA512

2eeffbcf1b8161f3f61a5654213004212042ca95b87393052a54b0a28416ee82eef113891488cc272581d6c2a557b1283712f8658ad48c219823b204724bc150
SSDEEP

49152:Tx8AK8iCuL2j/WU1jMEYaCQ4esXSdq8J3:t87Rc5CQ4eXdqS

Score

3^/10

Malware Config

Signatures

Enumerates kernel/hardware configuration 1 TTPs 1 IoCs
Reads contents of /sys virtual filesystem to enumerate system information.

System Information Discovery
T1082

Processes:

e_nas_x86.out

description ioc process

File opened for reading /sys/kernel/mm/transparent_hugepage/hpage_pmd_size e_nas_x86.out

description	ioc	process
File opened for reading	/sys/kernel/mm/transparent_hugepage/hpage_pmd_size	e_nas_x86.out

/tmp/e_nas_x86.out
/tmp/e_nas_x86.out
1⤵
- Enumerates kernel/hardware configuration
PID:1427

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads