Analysis
max time kernel: 142s
max time network: 151s
platform: ubuntu-20.04_amd64
resource: ubuntu2004-amd64-20240221-en
resource tags: arch:amd64, arch:i386, image:ubuntu2004-amd64-20240221-en, kernel:5.4.0-169-generic, locale:en-us, os:ubuntu-20.04-amd64, system
submitted: 28/03/2024, 21:27
Behavioral task: behavioral1
Sample: lab3.elf
Resource: ubuntu2004-amd64-20240221-en
2 signatures
150 seconds
General
Target: lab3.elf
Size: 4.5MB
MD5: 08ee9612139c00b1a60d3078a1c94f5a
SHA1: 33e9c319efded472c2b4622b1357495a4284f9cc
SHA256: ffce0d47281a3673151f4dc6aa97200250a9efe132bdd15d5c265d3c8dd39202
SHA512: 340176985b83a53b427e9d465538bc59f06819ce70181122f6043dd0dddd4650736aab8719d23be8525d24e94033795ff87a19611618782dad92707e24e092f9
SSDEEP: 98304:zodc1IpOeV9cOr2Zs6Cz1hCfpMtyPPRbyp21kIjRsD6qRFX1KE6FGtHI:cdsI5rr2y64hRMImkIj+tXbAGtHI
Score: 3/10
Malware Config
Signatures
Enumerates kernel/hardware configuration (1 TTPs, 2 IoCs)
Reads contents of /sys virtual filesystem to enumerate system information.
description | ioc | Process
File opened for reading | /sys/kernel/mm/transparent_hugepage/hpage_pmd_size | lab3.elf
File opened for reading | /sys/kernel/mm/transparent_hugepage/hpage_pmd_size | exe
Reads runtime system information (2 IoCs)
Reads data from /proc virtual filesystem.
description | ioc | Process
File opened for reading | /proc/self/exe | lab3.elf
File opened for reading | /proc/self/exe | exe