4aae89776c09a3a6a391b6d3f86efe862df7a6307d4adcc9bb0da474b5e426d0

Analysis

max time kernel
0s
max time network
129s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20240226-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20240226-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
21-03-2024 08:31

Target

SecuriteInfo.com.ELF.IPRoyal-A.2531.8155.elf
Size

8.6MB
MD5

d6720f8d9e9d0873d7f9c298f2406e61
SHA1

f5b66c4730af67e228e05080108d7f8a24a50431
SHA256

4aae89776c09a3a6a391b6d3f86efe862df7a6307d4adcc9bb0da474b5e426d0
SHA512

8ffc1c65f6a911695622eb96bcb844c0f8bf7353f604d7add28089d9f00a1a60c303ba0b453d3347c30d69f1f39018e0e089e58636317f0adb0c1791b5bc4359
SSDEEP

98304:SdoF6O/pOzlZlnzc8mZ+KrX+ZMNoQPxtMJiVapLwFeoBTh/Nauu8qtzO7eZPkt:aO4GHwm8MN1ropLcTONVVeeZK

Score

3^/10

Enumerates kernel/hardware configuration 1 TTPs 1 IoCs

Reads contents of /sys virtual filesystem to enumerate system information.

System Information Discovery

description	ioc	Process
File opened for reading	/sys/kernel/mm/transparent_hugepage/hpage_pmd_size	SecuriteInfo.com.ELF.IPRoyal-A.2531.8155.elf

/tmp/SecuriteInfo.com.ELF.IPRoyal-A.2531.8155.elf
/tmp/SecuriteInfo.com.ELF.IPRoyal-A.2531.8155.elf
1⤵
- Enumerates kernel/hardware configuration
PID:1547

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact