2e1e3f75fdb08c26e41d7870db6ffea5b89b39100899fe609b3c1d0d018c87d3

Resubmissions

14-06-2024 14:23

240614-rqapesxhrn 3

17-04-2024 09:42

240417-lpnl1abc26 4

Analysis

max time kernel
67s
max time network
133s
platform
ubuntu-20.04_amd64
resource
ubuntu2004-amd64-20240221-en
resource tags

arch:amd64arch:i386image:ubuntu2004-amd64-20240221-enkernel:5.4.0-169-genericlocale:en-usos:ubuntu-20.04-amd64system
submitted
17-04-2024 09:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d_lin_x32_ru
Size

17.4MB
MD5

7af8e64432673bc7fcd0b1ed6fd43ead
SHA1

c5d40d519c8249917f2988ff4f552881d25acced
SHA256

022b72d00c7b61494cd0b4b8715edc5c495577896d97144838c631d4b0c24106
SHA512

24807a85c43870b97a9b22e2fbe74f4b71ee4752c2d8fdc204cc84d1462a25273c75ec93006959f81d5460ae854be212e0ab1f073ac32e15f15406f79ef01746
SSDEEP

98304:KsMnxbpfj8GhdzcdWA+cX6hAsjr7G9e/k4A5vXPNL6C9Iw+3X1seT5WUcnH98nIt:tOj7dQrqhCd/lL6C90VsO4OI1Kj7zK

Score

3^/10

Malware Config

Signatures

Enumerates kernel/hardware configuration 1 TTPs 1 IoCs

Reads contents of /sys virtual filesystem to enumerate system information.

System Information Discovery

T1082

description	ioc	Process
File opened for reading	/sys/kernel/mm/transparent_hugepage/hpage_pmd_size	d_lin_x32_ru

Reads runtime system information 1 IoCs

Reads data from /proc virtual filesystem.

description	ioc	Process
File opened for reading	/proc/stat	d_lin_x32_ru

/tmp/d_lin_x32_ru
/tmp/d_lin_x32_ru
1⤵
- Enumerates kernel/hardware configuration
- Reads runtime system information
PID:1878

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads