ec9fe93b08af6bbbaf14d7ae1ae00cf04bd052fe7fc9c59470b6d30a5e0f856d

Analysis

max time kernel
141s
max time network
129s
platform
ubuntu-24.04_amd64
resource
ubuntu2404-amd64-20240523-en
resource tags

arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
submitted
16-09-2024 01:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ec9fe93b08af6bbbaf14d7ae1ae00cf04bd052fe7fc9c59470b6d30a5e0f856d.elf
Size

13.5MB
MD5

1e39b990e69c6409caa588de8caba8d0
SHA1

b291e8b84ce1e418a8b018774ad0f0753003dba3
SHA256

ec9fe93b08af6bbbaf14d7ae1ae00cf04bd052fe7fc9c59470b6d30a5e0f856d
SHA512

a9270281aefd245f588be4972c3029b1d7da1250012dd4a9eb77daaf22300927efc50bfb360644a137347705e662656f234c2ab83bc8dc7ffdd50fac9b847f35
SSDEEP

98304:S9erjiw3E+xYhFdz9q2TeDo4i1YoeG/+W+emwAoGEfeyx:S9erB3ShFdIGqTi1XJx

Score

3^/10

discovery

Malware Config

Signatures

Enumerates kernel/hardware configuration 1 TTPs 1 IoCs

Reads contents of /sys virtual filesystem to enumerate system information.

discovery

System Information Discovery

T1082

description	ioc	Process
File opened for reading	/sys/kernel/mm/transparent_hugepage/hpage_pmd_size	ec9fe93b08af6bbbaf14d7ae1ae00cf04bd052fe7fc9c59470b6d30a5e0f856d.elf

/tmp/ec9fe93b08af6bbbaf14d7ae1ae00cf04bd052fe7fc9c59470b6d30a5e0f856d.elf
/tmp/ec9fe93b08af6bbbaf14d7ae1ae00cf04bd052fe7fc9c59470b6d30a5e0f856d.elf
1⤵
- Enumerates kernel/hardware configuration
PID:2435

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads