5c26e281b126cd4b4b28c165ac4710d343f5c8e38eab677d6d544030e6dbceda

Resubmissions

19-12-2024 16:13

241219-tpazxawjcq 10

19-12-2024 16:10

241219-tmtz1avrhq 10

27-08-2024 15:29

240827-sww1aaxeqg 10

Analysis

max time kernel
180s
max time network
200s
platform
ubuntu-20.04_amd64
resource
ubuntu2004-amd64-20240508-en
resource tags

arch:amd64arch:i386image:ubuntu2004-amd64-20240508-enkernel:5.4.0-169-genericlocale:en-usos:ubuntu-20.04-amd64system
submitted
19-12-2024 16:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

qexswfv
Size

15.0MB
MD5

d8f8fb9895edbf92ea18a8d3a244cbba
SHA1

24fa35cbff917357f7c146049558e71f29a426e4
SHA256

5c26e281b126cd4b4b28c165ac4710d343f5c8e38eab677d6d544030e6dbceda
SHA512

a387b2c16889d57cd830c24ffd79bef5c7bfdb11ca6c82b00f97dd400b31c74b144a5a04dfbc61ecc27b6fd4f0b720976eb407b70f0cc4e6ad0f4a732e19bee0
SSDEEP

98304:DyxK+N7IQTb/PBNCIKpSbyVyvxqqqk3Ex7AFAD9iKR8TW:Dy4+1H/PB0IKpDVyvxqqqk0ojW

Score

3^/10

discovery

Malware Config

Signatures

Enumerates kernel/hardware configuration 1 TTPs 1 IoCs

Reads contents of /sys virtual filesystem to enumerate system information.

discovery

System Information Discovery

T1082

description	ioc	Process
File opened for reading	/sys/kernel/mm/transparent_hugepage/hpage_pmd_size	qexswfv

/tmp/qexswfv
/tmp/qexswfv
1⤵
- Enumerates kernel/hardware configuration
PID:2478

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads