a51eb798cb4a79c2ec9a278e43039e4a753d33aa2b4fb90b88ec2316290da169

Analysis

max time kernel
0s
max time network
133s
platform
ubuntu-20.04_amd64
resource
ubuntu2004-amd64-20240221-en
resource tags

arch:amd64arch:i386image:ubuntu2004-amd64-20240221-enkernel:5.4.0-169-genericlocale:en-usos:ubuntu-20.04-amd64system
submitted
08/04/2024, 12:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1944504c03f869a4410ddbae6de8a122.elf
Size

4.6MB
MD5

1944504c03f869a4410ddbae6de8a122
SHA1

42b2cf93305f0c663190205f139226e90e666ce9
SHA256

a51eb798cb4a79c2ec9a278e43039e4a753d33aa2b4fb90b88ec2316290da169
SHA512

835eefc5f8d51fe34611658da925d1cde3a9f3791f9d8df180b591c27b976c3de27297fe35ebf3e3b2e6d0b34fb7e5274c6c1638c45c5fab1e4fa745e0e56005
SSDEEP

49152:7n/dBkH21ZijK8yIyZ9GNSFgrnVQSGAggT9GXMHXQA6HfTIHeTAieyRK4KJx8Kws:z8W1ZijK8yIi9j8FGzoHeMivRBqqNV2

Score

3^/10

Malware Config

Signatures

Enumerates kernel/hardware configuration 1 TTPs 1 IoCs

Reads contents of /sys virtual filesystem to enumerate system information.

System Information Discovery

T1082

description	ioc	Process
File opened for reading	/sys/kernel/mm/transparent_hugepage/hpage_pmd_size	1944504c03f869a4410ddbae6de8a122.elf

/tmp/1944504c03f869a4410ddbae6de8a122.elf
/tmp/1944504c03f869a4410ddbae6de8a122.elf
1⤵
- Enumerates kernel/hardware configuration
PID:1478

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Windows 7 deprecation

Loading Replay Monitor...