Overview

overview

10

Static

static

10

iptable_reject

ubuntu-22.04-amd64

6

kermine

ubuntu-24.04-amd64

10

Resubmissions

21-10-2024 12:12

241021-pdcl5stbje 10

21-10-2024 11:59

241021-n55xbsshjb 10

19-10-2024 11:43

241019-nvrlyswdrn 10

19-10-2024 03:15

241019-drzs2swcrr 10

19-10-2024 03:03

241019-dj7tpavhrp 10

18-10-2024 09:09

241018-k4fdhaycqc 10

Analysis

  • max time kernel
    1799s
  • max time network
    1792s
  • platform
    ubuntu-22.04_amd64
  • resource
    ubuntu2204-amd64-20240611-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2204-amd64-20240611-enkernel:5.15.0-105-genericlocale:en-usos:ubuntu-22.04-amd64system
  • submitted
    19-10-2024 11:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    iptable_reject

  • Size

    8.4MB

  • MD5

    7db2c9ec53c09e42724f6314401b906c

  • SHA1

    0b781d565d784b4d22aa9be874518b8b4c40bfcf

  • SHA256

    f99f857e388a386f4461917ec46781c539ee1f0e9d2b5039b282fa0754c1c750

  • SHA512

    74dcf160137fe29a2e68d66b503f0ec2fe6c0f0900356076d528e3387cf497557157da1c95d65d9fad8c7d7d647a21c93d7655270f9df06823ffbdcf7d26a2f5

  • SSDEEP

    196608:hVJq0MCjhe6WB42fcpuAJr+Q1lHGJqu82NwuN4zs:hDq0MCjhe6WaycpuA51lHOvKuN4

Score
6/10
antivmdiscovery

Malware Config

Signatures

  • Checks hardware identifiers (DMI) 1 TTPs 4 IoCs

    Checks DMI information which indicate if the system is a virtual machine.

    antivm
  • Reads hardware information 1 TTPs 14 IoCs

    Accesses system info like serial numbers, manufacturer names etc.

    discovery
  • Checks CPU configuration 1 TTPs 1 IoCs

    Checks CPU information which indicate if the system is a virtual machine.

    antivm
  • Reads CPU attributes 1 TTPs 45 IoCs
    discovery
  • Enumerates kernel/hardware configuration 1 TTPs 24 IoCs

    Reads contents of /sys virtual filesystem to enumerate system information.

    discovery
  • Reads runtime system information 5 IoCs

    Reads data from /proc virtual filesystem.

    discovery
  • System Network Configuration Discovery 1 TTPs 1 IoCs

    Adversaries may gather information about the network configuration of a system.

    discovery

Processes

  • /tmp/iptable_reject
    /tmp/iptable_reject
    1⤵
    • Checks hardware identifiers (DMI)
    • Reads hardware information
    • Checks CPU configuration
    • Reads CPU attributes
    • Enumerates kernel/hardware configuration
    • Reads runtime system information
    • System Network Configuration Discovery
    PID:1570

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads