82e560a078cd7bb4472d5af832a04c4bc8f1001bac97b1574efe9863d3f66550 | Triage

Analysis

max time kernel
0s
max time network
131s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20240226-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20240226-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
25-03-2024 20:54

Sharing

Report Analysis Logs

General

Target

e_nas_x86.out
Size

2.0MB
MD5

1453c8123be53bf4458b1a8e7e54ddbb
SHA1

a1064f1393e4d548c27f1a4b5fb1a5cf9f5267e7
SHA256

e505b24de50b14aed35cf40725dc0185cab06fed90269d445ec7a4b36de124b6
SHA512

2eeffbcf1b8161f3f61a5654213004212042ca95b87393052a54b0a28416ee82eef113891488cc272581d6c2a557b1283712f8658ad48c219823b204724bc150
SSDEEP

49152:Tx8AK8iCuL2j/WU1jMEYaCQ4esXSdq8J3:t87Rc5CQ4eXdqS

Score

3^/10

Malware Config

Signatures

Enumerates kernel/hardware configuration 1 TTPs 1 IoCs
Reads contents of /sys virtual filesystem to enumerate system information.

System Information Discovery
T1082

Processes:

e_nas_x86.out

description ioc process

File opened for reading /sys/kernel/mm/transparent_hugepage/hpage_pmd_size e_nas_x86.out

/tmp/e_nas_x86.out
/tmp/e_nas_x86.out
1⤵
- Enumerates kernel/hardware configuration
PID:1563

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads