Analysis Overview
SHA256
0730bcc54e11905817761dad591a0a69fee73c14c5f16ea155034383976b24b2
Threat Level: Known bad
The file netaddr was found to be: Known bad.
Malicious Activity Summary
Xmrig_linux family
xmrig
Xmrig family
xmrig
XMRig Miner payload
Checks hardware identifiers (DMI)
Reads hardware information
UPX packed file
Reads CPU attributes
Checks CPU configuration
Reads runtime system information
Enumerates kernel/hardware configuration
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-15 17:48
Signatures
UPX packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral9
Detonation Overview
Submitted
2024-11-15 17:48
Reported
2024-11-15 17:50
Platform
ubuntu2404-amd64-20240523-en
Max time kernel
24s
Max time network
8s
Command Line
Signatures
Xmrig family
Xmrig_linux family
xmrig
XMRig Miner payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Checks hardware identifiers (DMI)
| Description | Indicator | Process | Target |
| File opened for reading | /sys/devices/virtual/dmi/id/product_name | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/board_vendor | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/bios_vendor | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/sys_vendor | /tmp/netaddr | N/A |
Reads hardware information
| Description | Indicator | Process | Target |
| File opened for reading | /sys/devices/virtual/dmi/id/chassis_serial | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/bios_version | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/board_asset_tag | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/chassis_version | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/chassis_vendor | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/chassis_type | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/bios_date | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/product_serial | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/product_uuid | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/board_version | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/board_serial | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/chassis_asset_tag | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/product_version | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/board_name | /tmp/netaddr | N/A |
Checks CPU configuration
| Description | Indicator | Process | Target |
| File opened for reading | /proc/cpuinfo | /tmp/netaddr | N/A |
Reads CPU attributes
| Description | Indicator | Process | Target |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/size | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index5/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/topology/core_cpus | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index0/size | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/id | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index4/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index1/id | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/level | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/topology/die_cpus | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/topology/physical_package_id | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/type | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/physical_line_partition | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index7/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/online | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/topology/core_id | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/physical_line_partition | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/level | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/number_of_sets | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index8/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cpu_capacity | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index0/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index1/level | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index1/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index1/type | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/size | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/coherency_line_size | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/number_of_sets | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index9/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index0/type | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index0/coherency_line_size | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/possible | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index6/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index0/level | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index0/physical_line_partition | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cpufreq/base_frequency | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/topology/cluster_cpus | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index0/id | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/type | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/id | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/coherency_line_size | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/topology/package_cpus | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index0/number_of_sets | /tmp/netaddr | N/A |
Enumerates kernel/hardware configuration
| Description | Indicator | Process | Target |
| File opened for reading | /sys/fs/cgroup/cpuset.cpus.effective | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/access0/initiators | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/access0/initiators/read_latency | /tmp/netaddr | N/A |
| File opened for reading | /sys/firmware/dmi/tables/smbios_entry_point | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/hugepages/hugepages-2048kB/free_hugepages | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu | /tmp/netaddr | N/A |
| File opened for reading | /sys/firmware/dmi/tables/DMI | /tmp/netaddr | N/A |
| File opened for reading | /sys/fs/cgroup/cgroup.controllers | /tmp/netaddr | N/A |
| File opened for reading | /sys/kernel/mm/hugepages | /tmp/netaddr | N/A |
| File opened for reading | /sys/kernel/mm/hugepages/hugepages-2048kB/nr_hugepages | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/hugepages/hugepages-1048576kB/nr_hugepages | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/access1/initiators | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/access0/initiators/write_bandwidth | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id | /tmp/netaddr | N/A |
| File opened for reading | /sys/fs/cgroup/cpuset.mems.effective | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/meminfo | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/hugepages | /tmp/netaddr | N/A |
| File opened for reading | /sys/bus/soc/devices | /tmp/netaddr | N/A |
| File opened for reading | /sys/kernel/mm/hugepages/hugepages-1048576kB/nr_hugepages | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/online | /tmp/netaddr | N/A |
| File opened for reading | /sys/bus/dax/devices | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/access0/initiators/write_latency | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/cpumap | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/access0/initiators/read_bandwidth | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/cpu_atom/cpus | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/cpu_core/cpus | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/hugepages/hugepages-2048kB/nr_hugepages | /tmp/netaddr | N/A |
Reads runtime system information
| Description | Indicator | Process | Target |
| File opened for reading | /proc/version_signature | /tmp/netaddr | N/A |
| File opened for reading | /proc/sys/vm/nr_hugepages | /tmp/netaddr | N/A |
| File opened for reading | /proc/self/exe | /tmp/netaddr | N/A |
| File opened for reading | /proc/cmdline | /tmp/netaddr | N/A |
| File opened for reading | /proc/mounts | /tmp/netaddr | N/A |
| File opened for reading | /proc/self/cpuset | /tmp/netaddr | N/A |
| File opened for reading | /proc/meminfo | /tmp/netaddr | N/A |
| File opened for reading | /proc/driver/nvidia/gpus | /tmp/netaddr | N/A |
Processes
/tmp/netaddr
[/tmp/netaddr]
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| US | 8.8.8.8:53 | auto.c3pool.org | udp |
| US | 8.8.8.8:53 | auto.c3pool.org | udp |
| DE | 88.198.117.174:19999 | auto.c3pool.org | tcp |
Files
memory/2479-1-0x0000000000400000-0x0000000000ca9178-memory.dmp
Analysis: behavioral8
Detonation Overview
Submitted
2024-11-15 17:48
Reported
2024-11-15 17:50
Platform
ubuntu2204-amd64-20240611-en
Max time kernel
28s
Max time network
15s
Command Line
Signatures
Xmrig family
Xmrig_linux family
xmrig
XMRig Miner payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Checks hardware identifiers (DMI)
| Description | Indicator | Process | Target |
| File opened for reading | /sys/devices/virtual/dmi/id/product_name | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/board_vendor | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/bios_vendor | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/sys_vendor | /tmp/netaddr | N/A |
Reads hardware information
| Description | Indicator | Process | Target |
| File opened for reading | /sys/devices/virtual/dmi/id/chassis_serial | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/product_uuid | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/board_name | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/chassis_vendor | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/chassis_type | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/chassis_asset_tag | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/product_version | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/board_version | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/product_serial | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/board_asset_tag | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/chassis_version | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/bios_version | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/bios_date | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/board_serial | /tmp/netaddr | N/A |
Checks CPU configuration
| Description | Indicator | Process | Target |
| File opened for reading | /proc/cpuinfo | /tmp/netaddr | N/A |
Reads CPU attributes
| Description | Indicator | Process | Target |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index0/physical_line_partition | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index4/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cpufreq/base_frequency | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/possible | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index1/type | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/level | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/size | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/coherency_line_size | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/number_of_sets | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/topology/core_id | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/topology/cluster_cpus | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index0/id | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index0/size | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index1/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index5/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index6/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index9/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index0/coherency_line_size | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index0/number_of_sets | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index1/id | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/level | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/type | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/type | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index1/level | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/id | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/id | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/online | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/topology/die_cpus | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/topology/package_cpus | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/topology/physical_package_id | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index0/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index8/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index7/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cpu_capacity | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/size | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/coherency_line_size | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/number_of_sets | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/physical_line_partition | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/physical_line_partition | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/topology/core_cpus | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index0/level | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index0/type | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq | /tmp/netaddr | N/A |
Enumerates kernel/hardware configuration
| Description | Indicator | Process | Target |
| File opened for reading | /sys/devices/cpu_atom/cpus | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/access0/initiators/read_latency | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/access0/initiators/write_latency | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu | /tmp/netaddr | N/A |
| File opened for reading | /sys/firmware/dmi/tables/smbios_entry_point | /tmp/netaddr | N/A |
| File opened for reading | /sys/bus/dax/devices | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/access0/initiators/read_bandwidth | /tmp/netaddr | N/A |
| File opened for reading | /sys/kernel/mm/hugepages | /tmp/netaddr | N/A |
| File opened for reading | /sys/firmware/dmi/tables/DMI | /tmp/netaddr | N/A |
| File opened for reading | /sys/kernel/mm/hugepages/hugepages-2048kB/nr_hugepages | /tmp/netaddr | N/A |
| File opened for reading | /sys/kernel/mm/hugepages/hugepages-1048576kB/nr_hugepages | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id | /tmp/netaddr | N/A |
| File opened for reading | /sys/fs/cgroup/cpuset.cpus.effective | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/cpumap | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/hugepages | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/access0/initiators | /tmp/netaddr | N/A |
| File opened for reading | /sys/bus/soc/devices | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/cpu_core/cpus | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/online | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/meminfo | /tmp/netaddr | N/A |
| File opened for reading | /sys/fs/cgroup/cpuset.mems.effective | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/hugepages/hugepages-2048kB/nr_hugepages | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/hugepages/hugepages-1048576kB/nr_hugepages | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/access1/initiators | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/access0/initiators/write_bandwidth | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/hugepages/hugepages-2048kB/free_hugepages | /tmp/netaddr | N/A |
| File opened for reading | /sys/fs/cgroup/cgroup.controllers | /tmp/netaddr | N/A |
Reads runtime system information
| Description | Indicator | Process | Target |
| File opened for reading | /proc/mounts | /tmp/netaddr | N/A |
| File opened for reading | /proc/self/cpuset | /tmp/netaddr | N/A |
| File opened for reading | /proc/meminfo | /tmp/netaddr | N/A |
| File opened for reading | /proc/driver/nvidia/gpus | /tmp/netaddr | N/A |
| File opened for reading | /proc/version_signature | /tmp/netaddr | N/A |
| File opened for reading | /proc/sys/vm/nr_hugepages | /tmp/netaddr | N/A |
| File opened for reading | /proc/self/exe | /tmp/netaddr | N/A |
| File opened for reading | /proc/cmdline | /tmp/netaddr | N/A |
Processes
/tmp/netaddr
[/tmp/netaddr]
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| US | 8.8.8.8:53 | auto.c3pool.org | udp |
| US | 8.8.8.8:53 | auto.c3pool.org | udp |
| DE | 88.198.117.174:19999 | auto.c3pool.org | tcp |
Files
memory/1587-1-0x0000000000400000-0x0000000000ca9178-memory.dmp
Analysis: behavioral3
Detonation Overview
Submitted
2024-11-15 17:48
Reported
2024-11-15 17:49
Platform
debian9-armhf-20240729-en
Max time kernel
0s
Command Line
Signatures
Processes
/tmp/netaddr
[/tmp/netaddr]
Network
Files
Analysis: behavioral4
Detonation Overview
Submitted
2024-11-15 17:48
Reported
2024-11-15 17:49
Platform
debian9-mipsbe-20240611-en
Max time kernel
0s
Command Line
Signatures
Processes
/tmp/netaddr
[/tmp/netaddr]
Network
Files
Analysis: behavioral5
Detonation Overview
Submitted
2024-11-15 17:48
Reported
2024-11-15 17:49
Platform
debian9-mipsel-20240418-en
Max time kernel
0s
Command Line
Signatures
Processes
/tmp/netaddr
[/tmp/netaddr]
Network
Files
Analysis: behavioral6
Detonation Overview
Submitted
2024-11-15 17:48
Reported
2024-11-15 17:50
Platform
ubuntu1804-amd64-20240611-en
Max time kernel
5s
Max time network
5s
Command Line
Signatures
Xmrig family
Xmrig_linux family
xmrig
XMRig Miner payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Checks hardware identifiers (DMI)
| Description | Indicator | Process | Target |
| File opened for reading | /sys/devices/virtual/dmi/id/board_vendor | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/bios_vendor | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/sys_vendor | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/product_name | /tmp/netaddr | N/A |
Reads hardware information
| Description | Indicator | Process | Target |
| File opened for reading | /sys/devices/virtual/dmi/id/product_version | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/chassis_version | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/bios_date | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/product_uuid | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/board_name | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/board_serial | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/chassis_vendor | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/product_serial | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/board_version | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/chassis_serial | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/bios_version | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/board_asset_tag | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/chassis_type | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/chassis_asset_tag | /tmp/netaddr | N/A |
Checks CPU configuration
| Description | Indicator | Process | Target |
| File opened for reading | /proc/cpuinfo | /tmp/netaddr | N/A |
Reads CPU attributes
| Description | Indicator | Process | Target |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index0/level | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/physical_line_partition | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/topology/die_cpus | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index0/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/topology/core_siblings | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index1/level | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/type | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/number_of_sets | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index4/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index7/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/topology/thread_siblings | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/topology/core_id | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index8/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/number_of_sets | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/level | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/coherency_line_size | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cpufreq/base_frequency | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index0/type | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index0/number_of_sets | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index5/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index0/size | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/size | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/size | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/possible | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index1/id | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/level | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/id | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index6/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/topology/physical_package_id | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index0/id | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index1/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index1/type | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/type | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index9/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/online | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index0/coherency_line_size | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/coherency_line_size | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/id | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/physical_line_partition | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cpu_capacity | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/topology/cluster_cpus | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index0/physical_line_partition | /tmp/netaddr | N/A |
Enumerates kernel/hardware configuration
| Description | Indicator | Process | Target |
| File opened for reading | /sys/devices/system/node/node0/hugepages/hugepages-2048kB/nr_hugepages | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/access0/initiators/write_bandwidth | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/access0/initiators/read_latency | /tmp/netaddr | N/A |
| File opened for reading | /sys/bus/soc/devices | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/hugepages | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/access0/initiators | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/cpu_atom/cpus | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/cpu_core/cpus | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/meminfo | /tmp/netaddr | N/A |
| File opened for reading | /sys/kernel/mm/hugepages/hugepages-2048kB/nr_hugepages | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/online | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/cpumap | /tmp/netaddr | N/A |
| File opened for reading | /sys/bus/dax/devices | /tmp/netaddr | N/A |
| File opened for reading | /sys/fs/cgroup/unified/cgroup.controllers | /tmp/netaddr | N/A |
| File opened for reading | /sys/fs/cgroup/cpuset/cpuset.cpus | /tmp/netaddr | N/A |
| File opened for reading | /sys/fs/cgroup/cpuset/cpuset.mems | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/access0/initiators/write_latency | /tmp/netaddr | N/A |
| File opened for reading | /sys/firmware/dmi/tables/smbios_entry_point | /tmp/netaddr | N/A |
| File opened for reading | /sys/firmware/dmi/tables/DMI | /tmp/netaddr | N/A |
| File opened for reading | /sys/kernel/mm/hugepages | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/access1/initiators | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/access0/initiators/read_bandwidth | /tmp/netaddr | N/A |
Reads runtime system information
| Description | Indicator | Process | Target |
| File opened for reading | /proc/self/exe | /tmp/netaddr | N/A |
| File opened for reading | /proc/cmdline | /tmp/netaddr | N/A |
| File opened for reading | /proc/mounts | /tmp/netaddr | N/A |
| File opened for reading | /proc/self/cpuset | /tmp/netaddr | N/A |
| File opened for reading | /proc/meminfo | /tmp/netaddr | N/A |
| File opened for reading | /proc/driver/nvidia/gpus | /tmp/netaddr | N/A |
| File opened for reading | /proc/version_signature | /tmp/netaddr | N/A |
| File opened for reading | /proc/sys/vm/nr_hugepages | /tmp/netaddr | N/A |
Processes
/tmp/netaddr
[/tmp/netaddr]
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | auto.c3pool.org | udp |
| US | 1.1.1.1:53 | auto.c3pool.org | udp |
| GB | 185.125.188.62:443 | | tcp |
| GB | 185.125.188.62:443 | | tcp |
| US | 151.101.1.91:443 | | tcp |
| US | 1.1.1.1:53 | ocp-ingress.fastly.gnome.org | udp |
| US | 151.101.65.91:443 | ocp-ingress.fastly.gnome.org | tcp |
| GB | 89.187.167.5:443 | | tcp |
Files
memory/1504-1-0x0000000000400000-0x0000000000ca9178-memory.dmp
Analysis: behavioral7
Detonation Overview
Submitted
2024-11-15 17:48
Reported
2024-11-15 17:50
Platform
ubuntu2004-amd64-20240729-en
Max time kernel
19s
Max time network
8s
Command Line
Signatures
Xmrig family
Xmrig_linux family
xmrig
XMRig Miner payload
Checks hardware identifiers (DMI)
| Description | Indicator | Process | Target |
| File opened for reading | /sys/devices/virtual/dmi/id/product_name | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/board_vendor | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/bios_vendor | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/sys_vendor | /tmp/netaddr | N/A |
Reads hardware information
| Description | Indicator | Process | Target |
| File opened for reading | /sys/devices/virtual/dmi/id/board_asset_tag | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/chassis_version | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/bios_version | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/product_version | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/chassis_serial | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/chassis_asset_tag | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/bios_date | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/chassis_vendor | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/board_version | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/product_uuid | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/board_name | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/board_serial | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/chassis_type | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id/product_serial | /tmp/netaddr | N/A |
Checks CPU configuration
| Description | Indicator | Process | Target |
| File opened for reading | /proc/cpuinfo | /tmp/netaddr | N/A |
Reads CPU attributes
| Description | Indicator | Process | Target |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index0/level | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index0/number_of_sets | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index1/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/type | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/topology/cluster_cpus | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index0/coherency_line_size | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/id | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/size | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/physical_line_partition | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index6/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/topology/core_cpus | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/topology/package_cpus | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/level | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cpufreq/base_frequency | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/possible | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/online | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/topology/core_id | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/number_of_sets | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/size | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/coherency_line_size | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cpu_capacity | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index4/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/topology/physical_package_id | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index0/size | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index1/level | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index1/type | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/coherency_line_size | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/level | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/physical_line_partition | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index5/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index7/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index8/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index9/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index0/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index0/type | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/id | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index3/number_of_sets | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index0/id | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/topology/die_cpus | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index0/physical_line_partition | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index1/id | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/shared_cpu_map | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cache/index2/type | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq | /tmp/netaddr | N/A |
Enumerates kernel/hardware configuration
| Description | Indicator | Process | Target |
| File opened for reading | /sys/fs/cgroup/unified/cgroup.controllers | /tmp/netaddr | N/A |
| File opened for reading | /sys/fs/cgroup/cpuset/cpuset.cpus | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/hugepages | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/access0/initiators/read_bandwidth | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/access0/initiators/write_bandwidth | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/access0/initiators/read_latency | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/virtual/dmi/id | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/hugepages/hugepages-2048kB/free_hugepages | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/cpu | /tmp/netaddr | N/A |
| File opened for reading | /sys/kernel/mm/hugepages | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/access0/initiators | /tmp/netaddr | N/A |
| File opened for reading | /sys/bus/soc/devices | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/cpu_atom/cpus | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/cpu_core/cpus | /tmp/netaddr | N/A |
| File opened for reading | /sys/kernel/mm/hugepages/hugepages-2048kB/nr_hugepages | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/online | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/meminfo | /tmp/netaddr | N/A |
| File opened for reading | /sys/fs/cgroup/cpuset/cpuset.mems | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/cpumap | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/hugepages/hugepages-2048kB/nr_hugepages | /tmp/netaddr | N/A |
| File opened for reading | /sys/bus/dax/devices | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/access1/initiators | /tmp/netaddr | N/A |
| File opened for reading | /sys/devices/system/node/node0/access0/initiators/write_latency | /tmp/netaddr | N/A |
| File opened for reading | /sys/firmware/dmi/tables/smbios_entry_point | /tmp/netaddr | N/A |
| File opened for reading | /sys/firmware/dmi/tables/DMI | /tmp/netaddr | N/A |
Reads runtime system information
| Description | Indicator | Process | Target |
| File opened for reading | /proc/cmdline | /tmp/netaddr | N/A |
| File opened for reading | /proc/mounts | /tmp/netaddr | N/A |
| File opened for reading | /proc/self/cpuset | /tmp/netaddr | N/A |
| File opened for reading | /proc/meminfo | /tmp/netaddr | N/A |
| File opened for reading | /proc/driver/nvidia/gpus | /tmp/netaddr | N/A |
| File opened for reading | /proc/version_signature | /tmp/netaddr | N/A |
| File opened for reading | /proc/sys/vm/nr_hugepages | /tmp/netaddr | N/A |
| File opened for reading | /proc/self/exe | /tmp/netaddr | N/A |
Processes
/tmp/netaddr
[/tmp/netaddr]
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | auto.c3pool.org | udp |
| US | 1.1.1.1:53 | auto.c3pool.org | udp |
| DE | 5.75.158.61:19999 | auto.c3pool.org | tcp |
| US | 1.1.1.1:53 | connectivity-check.ubuntu.com | udp |
Files
memory/1400-1-0x0000000000400000-0x0000000000ca9178-memory.dmp
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-15 17:48
Reported
2024-11-15 17:49
Platform
debian12-armhf-20240729-en
Max time kernel
0s
Max time network
4s
Command Line
Signatures
Processes
/tmp/netaddr
[/tmp/netaddr]
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-11-15 17:48
Reported
2024-11-15 17:50
Platform
debian12-mipsel-20240221-en
Max time kernel
3s
Command Line
Signatures
Processes
/tmp/netaddr
[/tmp/netaddr]