db5efa61dca3151d53e90642beeb95a6d1991bb28f0b1a364aafc697c8a207b5

Analysis

max time kernel
147s
max time network
148s
platform
ubuntu-22.04_amd64
resource
ubuntu2204-amd64-20240522.1-en
resource tags

arch:amd64arch:i386image:ubuntu2204-amd64-20240522.1-enkernel:5.15.0-105-genericlocale:en-usos:ubuntu-22.04-amd64system
submitted
11-09-2024 02:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

db5efa61dca3151d53e90642beeb95a6d1991bb28f0b1a364aafc697c8a207b5.elf
Size

13.7MB
MD5

58a62cbdeae97cd3a773e8b439bec704
SHA1

5b43cbc49e9560a4cfec958d3e95e3d743ded3b3
SHA256

db5efa61dca3151d53e90642beeb95a6d1991bb28f0b1a364aafc697c8a207b5
SHA512

7fbb1df8925969c90c962bf3cb2a9cb789b994c9e56dbdec35998013c1448c4a5d75d2b93e48c4f6eeb86d9495b3c0d2c589c20c21eafa3c65cdcfb541f22f6f
SSDEEP

98304:He4OtUOF1r36EQ4kkmCpu6t2NY+ERUJ9cAV0zH20x:He4YKEhmCX2NY7CJu

Score

3^/10

discovery

Malware Config

Signatures

Enumerates kernel/hardware configuration 1 TTPs 1 IoCs

Reads contents of /sys virtual filesystem to enumerate system information.

discovery

System Information Discovery

T1082

description	ioc	Process
File opened for reading	/sys/kernel/mm/transparent_hugepage/hpage_pmd_size	db5efa61dca3151d53e90642beeb95a6d1991bb28f0b1a364aafc697c8a207b5.elf

/tmp/db5efa61dca3151d53e90642beeb95a6d1991bb28f0b1a364aafc697c8a207b5.elf
/tmp/db5efa61dca3151d53e90642beeb95a6d1991bb28f0b1a364aafc697c8a207b5.elf
1⤵
- Enumerates kernel/hardware configuration
PID:1555

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads