80364381a30f8fd90b884eed07dacb5692d6b972487f62f483b44504b618dfe5

Resubmissions

28/02/2024, 12:59

240228-p8k7rscb68 7

28/02/2024, 12:57

240228-p7bxpscb5x 3

20/09/2023, 08:57

230920-kw2xjafc6y 7

Analysis

max time kernel
0s
max time network
128s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20240226-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20240226-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
28/02/2024, 12:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ezuri_bash
Size

3.2MB
MD5

faf3c04a044683fa3f7978f4bb1fc732
SHA1

9d23e1288db008c6f2f146ce26abf70b6fbda6f5
SHA256

80364381a30f8fd90b884eed07dacb5692d6b972487f62f483b44504b618dfe5
SHA512

100a6b04d98a9622296b6c91ab66f9b4a275891659becea273ba7639f8079d97d18874b7ee69d6c1103a083fa032efa03b917a429fd4e90b97a3d9379606ac0d
SSDEEP

49152:m2xGTg4WWggft6UwDp4TYRYd37JS+/OOg0HE+IONTNPz61YhBePAltOWeyaWZxDn:FY/C637J3Jg0HcYBPeqX5eyrZZRzB/Yc

Score

3^/10

Malware Config

Signatures

Enumerates kernel/hardware configuration 1 TTPs 1 IoCs

Reads contents of /sys virtual filesystem to enumerate system information.

System Information Discovery

T1082

description	ioc	Process
File opened for reading	/sys/kernel/mm/transparent_hugepage/hpage_pmd_size	ezuri_bash

/tmp/ezuri_bash
/tmp/ezuri_bash
1⤵
- Enumerates kernel/hardware configuration
PID:1584

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Windows 7 deprecation

Loading Replay Monitor...