7871a92a6fba86458c42e9a5750e6c06180f98ff6e2939e40b857ed1031bbdc1

Analysis

max time kernel
149s
max time network
152s
platform
ubuntu-22.04_amd64
resource
ubuntu2204-amd64-20240611-en
resource tags

arch:amd64arch:i386image:ubuntu2204-amd64-20240611-enkernel:5.15.0-105-genericlocale:en-usos:ubuntu-22.04-amd64system
submitted
03/12/2024, 02:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7871a92a6fba86458c42e9a5750e6c06180f98ff6e2939e40b857ed1031bbdc1.elf
Size

14.8MB
MD5

3346aa058d9cc774dbb2e676731ee326
SHA1

d33705410b98504cac719a21be5b397bd5fc563b
SHA256

7871a92a6fba86458c42e9a5750e6c06180f98ff6e2939e40b857ed1031bbdc1
SHA512

776333aaa92e4e2abe856d8eb995b4adedf11aadc3eec6a755ff18ade49ca2ebc8adca9c00ab34335ea5b39a2db66074ffd5d7291c74cd352d33a149fbaad5e9
SSDEEP

98304:U/kpw75UiQFaLgMmWCIPH4ISMMoMTFkJzkQzPDkUIEIt/fcf20+O9l/:U/kpwFJmWbAxMMoMTKJzkQTDpIt/MQq

Score

3^/10

discovery

Malware Config

Signatures

Enumerates kernel/hardware configuration 1 TTPs 1 IoCs

Reads contents of /sys virtual filesystem to enumerate system information.

discovery

System Information Discovery

T1082

description	ioc	Process
File opened for reading	/sys/kernel/mm/transparent_hugepage/hpage_pmd_size	7871a92a6fba86458c42e9a5750e6c06180f98ff6e2939e40b857ed1031bbdc1.elf

/tmp/7871a92a6fba86458c42e9a5750e6c06180f98ff6e2939e40b857ed1031bbdc1.elf
/tmp/7871a92a6fba86458c42e9a5750e6c06180f98ff6e2939e40b857ed1031bbdc1.elf
1⤵
- Enumerates kernel/hardware configuration
PID:1600

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Windows 7 deprecation

Loading Replay Monitor...