Overview

overview

10

Static

static

7

session

ubuntu-22.04-amd64

10

Analysis

  • max time kernel
    120s
  • max time network
    136s
  • platform
    ubuntu-22.04_amd64
  • resource
    ubuntu2204-amd64-20240611-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2204-amd64-20240611-enkernel:5.15.0-105-genericlocale:en-usos:ubuntu-22.04-amd64system
  • submitted
    27-06-2024 23:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    session

  • Size

    4.4MB

  • MD5

    f983eddcb8579452097e95c4391012e3

  • SHA1

    4e3d8da35aae98a7c5cd333fa0269d7744f11ade

  • SHA256

    98f24ebc953061aa13b100eb144f9ec8e057738e34da436c9bd514e41e45dee3

  • SHA512

    d9c01d7880bf37079f0282f50bc372f31f498c0b677b2819b59c4e59eb4a2d2ae8bad905a1263b6cba77874f3ccbcccf20a692507a50e83ea3c445ac031e7b73

  • SSDEEP

    98304:w65rSetJBJkUI3vYx511k6mQzIcL426VougcDsNp90zwHRiqMf+2GOygiW+:w65d4QpO6lvVEzwinf+bObiz

Score
10/10
sliverbackdoortrojan

Malware Config

Signatures

  • Sliver RAT v2 1 IoCs
  • SliverRAT

    SliverRAT is an open source Adversary Emulation Framework.

    trojanbackdoorsliver
  • Enumerates kernel/hardware configuration 1 TTPs 1 IoCs

    Reads contents of /sys virtual filesystem to enumerate system information.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/session
    /tmp/session
    1⤵
    • Enumerates kernel/hardware configuration
    • Reads runtime system information
    PID:1571

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads