e8a6280ea27ebc3633c9976efa12a8b00b995e6234d03bbfd802fe118c713d1a | Triage

Sharing

General

Target

linpeas.sh
Size

842KB
Sample

240528-wx8bgseg8v
MD5

a3dc6111d40edb5a9dd1bb592bdb3855
SHA1

206bdec31d6a3f65c698ba7bffee5867f15a5e50
SHA256

e8a6280ea27ebc3633c9976efa12a8b00b995e6234d03bbfd802fe118c713d1a
SHA512

b70d79c924346d4781bb828c44276388a88625de9332aadc9d334aa74700f959b44ea824c65921e56384ac26bf39d062dcc89e0320460b9153560b054783a623
SSDEEP

6144:AotG23KlUK0LZqV8FxkZ5zPulEdHqZ7rhhVbGdQ3CPlHMpsgdce2Nkba/Jp5IsTE:jiNT+DzgD/Dbyw3/eqEJF

Score

6^/10

antivm linux

Malware Config

Targets

- Target
  
  linpeas.sh
- Size
  
  842KB
- MD5
  
  a3dc6111d40edb5a9dd1bb592bdb3855
- SHA1
  
  206bdec31d6a3f65c698ba7bffee5867f15a5e50
- SHA256
  
  e8a6280ea27ebc3633c9976efa12a8b00b995e6234d03bbfd802fe118c713d1a
- SHA512
  
  b70d79c924346d4781bb828c44276388a88625de9332aadc9d334aa74700f959b44ea824c65921e56384ac26bf39d062dcc89e0320460b9153560b054783a623
- SSDEEP
  
  6144:AotG23KlUK0LZqV8FxkZ5zPulEdHqZ7rhhVbGdQ3CPlHMpsgdce2Nkba/Jp5IsTE:jiNT+DzgD/Dbyw3/eqEJF
Score

6^/10

antivm
- Checks hardware identifiers (DMI)
  Checks DMI information which indicate if the system is a virtual machine.
  antivm
- Enumerates running processes
  Discovers information about currently running processes on the system
- Reads hardware information
  Accesses system info like serial numbers, manufacturer names etc.
- Reads network interface configuration
  Fetches information about one or more active network interfaces.
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4