Overview

overview

10

Static

static

5

c8b524ca90...6aea84

ubuntu-18.04-amd64

10

c8b524ca90...6aea84

ubuntu-22.04-amd64

10

c8b524ca90...6aea84

ubuntu-24.04-amd64

10

Analysis

  • max time kernel
    130s
  • max time network
    130s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    08-11-2024 04:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c8b524ca90adea19d920beb5cc6bd86dd03b23b0b2c61675cef9d6c0446aea84

  • Size

    4.7MB

  • MD5

    2674724c99960521031e36de3f8feeec

  • SHA1

    b167d83a5d79ec2572f695370e5bdba3b7983fab

  • SHA256

    c8b524ca90adea19d920beb5cc6bd86dd03b23b0b2c61675cef9d6c0446aea84

  • SHA512

    8e477745ce34aba26779290c4d34fd142a23b635221d686ce613d85076371b2f9869fc028652f8129caf6641d49785e66537eb17d9eaaf45b919eef7dd566b2b

  • SSDEEP

    98304:jL4ZDe00Lgu/HkWWiEEoBBECDhWZF/teW9fMPOlZ8PjAYxJI:jL4ZLKMWLEfBbDhMFX9fMPI

Score
10/10
sliverbackdoordiscoverytrojan

Malware Config

Signatures

  • Sliver RAT v2 1 IoCs
  • Sliver family
    sliver
  • SliverRAT

    SliverRAT is an open source Adversary Emulation Framework.

    trojanbackdoorsliver
  • Enumerates kernel/hardware configuration 1 TTPs 1 IoCs

    Reads contents of /sys virtual filesystem to enumerate system information.

    discovery
  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

    discovery

Processes

  • /tmp/c8b524ca90adea19d920beb5cc6bd86dd03b23b0b2c61675cef9d6c0446aea84
    /tmp/c8b524ca90adea19d920beb5cc6bd86dd03b23b0b2c61675cef9d6c0446aea84
    1⤵
    • Enumerates kernel/hardware configuration
    • Reads runtime system information
    PID:2471

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2471-1-0x0000000000400000-0x000000000135b930-memory.dmp

    Download