75a68363f468eb3798a277892433a5372d7232c58d7980d36f9ac3ef4e41ad76

Resubmissions

05-11-2024 11:36

241105-nqw1wa1drk 10

05-11-2024 07:58

241105-jt4gxawrdy 10

Analysis

max time kernel
297s
max time network
300s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20240611-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20240611-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
05-11-2024 11:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

merlin
Size

8.7MB
MD5

8308c4ae75b75645752864d05e32a1c1
SHA1

d3e52d1273fc0b572a13d2c260b95477dc238352
SHA256

75a68363f468eb3798a277892433a5372d7232c58d7980d36f9ac3ef4e41ad76
SHA512

9540d9750efbdd2b0d3ed4e0e8484782e0cf8aec2a2435aca47d583ac2e81132aaeca6e0e6852ea1849c96ab5957ce718675dc8914eeb768fd87949efdd6e47e
SSDEEP

98304:hXKMirDupPnJcWkbi7tBUuc8LXsE2qaOibO:xpADupPnJbkbi7hBV2X

Score

3^/10

discovery

Malware Config

Signatures

Enumerates kernel/hardware configuration 1 TTPs 1 IoCs

Reads contents of /sys virtual filesystem to enumerate system information.

discovery

System Information Discovery

T1082

description	ioc	Process
File opened for reading	/sys/kernel/mm/transparent_hugepage/hpage_pmd_size	merlin

/tmp/merlin
/tmp/merlin
1⤵
- Enumerates kernel/hardware configuration
PID:1497

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads