7871a92a6fba86458c42e9a5750e6c06180f98ff6e2939e40b857ed1031bbdc1

Analysis

max time kernel
149s
max time network
152s
platform
ubuntu-24.04_amd64
resource
ubuntu2404-amd64-20240523-en
resource tags

arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
submitted
02-12-2024 20:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

FLAT_LILAC.elf
Size

14.8MB
MD5

3346aa058d9cc774dbb2e676731ee326
SHA1

d33705410b98504cac719a21be5b397bd5fc563b
SHA256

7871a92a6fba86458c42e9a5750e6c06180f98ff6e2939e40b857ed1031bbdc1
SHA512

776333aaa92e4e2abe856d8eb995b4adedf11aadc3eec6a755ff18ade49ca2ebc8adca9c00ab34335ea5b39a2db66074ffd5d7291c74cd352d33a149fbaad5e9
SSDEEP

98304:U/kpw75UiQFaLgMmWCIPH4ISMMoMTFkJzkQzPDkUIEIt/fcf20+O9l/:U/kpwFJmWbAxMMoMTKJzkQTDpIt/MQq

Score

3^/10

discovery

Malware Config

Signatures

Enumerates kernel/hardware configuration 1 TTPs 1 IoCs

Reads contents of /sys virtual filesystem to enumerate system information.

discovery

System Information Discovery

T1082

description	ioc	Process
File opened for reading	/sys/kernel/mm/transparent_hugepage/hpage_pmd_size	FLAT_LILAC.elf

/tmp/FLAT_LILAC.elf
/tmp/FLAT_LILAC.elf
1⤵
- Enumerates kernel/hardware configuration
PID:2832

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads