Analysis Overview
score
10/10
SHA256
e804e13c4e8295ffd1068b2e29c1d991090997f695c74438c067cc2dc290e6ea
Threat Level: Known bad
The file e804e13c4e8295ffd1068b2e29c1d991090997f695c74438c067cc2dc290e6ea.elf was found to be: Known bad.
Malicious Activity Summary
Sliver RAT v2
Sliver family
Enumerates kernel/hardware configuration
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-07 03:26
Signatures
Sliver RAT v2
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Sliver family
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-07 03:26
Reported
2024-11-07 03:28
Platform
ubuntu2204-amd64-20240611-en
Max time kernel
137s
Max time network
138s
Command Line
[/tmp/e804e13c4e8295ffd1068b2e29c1d991090997f695c74438c067cc2dc290e6ea.elf]
Signatures
Enumerates kernel/hardware configuration
| Description | Indicator | Process | Target |
| File opened for reading | /sys/kernel/mm/transparent_hugepage/hpage_pmd_size | /tmp/e804e13c4e8295ffd1068b2e29c1d991090997f695c74438c067cc2dc290e6ea.elf | N/A |
Processes
/tmp/e804e13c4e8295ffd1068b2e29c1d991090997f695c74438c067cc2dc290e6ea.elf
[/tmp/e804e13c4e8295ffd1068b2e29c1d991090997f695c74438c067cc2dc290e6ea.elf]
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| RO | 185.247.224.8:5546 | tcp | |
| RO | 185.247.224.8:5546 | tcp | |
| RO | 185.247.224.8:5546 | tcp | |
| RO | 185.247.224.8:5546 | tcp | |
| RO | 185.247.224.8:5546 | tcp | |
| RO | 185.247.224.8:5546 | tcp |
Files
N/A