eaf5ae117daf4f95bfb4da9b7181f0a849c6cda74d1e9e689483b977ce76fb0b

Analysis

max time kernel
0s
max time network
1s
platform
ubuntu-22.04_amd64
resource
ubuntu2204-amd64-20240611-en
resource tags

arch:amd64arch:i386image:ubuntu2204-amd64-20240611-enkernel:5.15.0-105-genericlocale:en-usos:ubuntu-22.04-amd64system
submitted
27-12-2024 10:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

dsf3rt324
Size

10.9MB
MD5

bbed9d3ef27485f535f87c48cfd9723b
SHA1

2ebc724dcde0bd9e130f9103b9594213db1dfa2b
SHA256

eaf5ae117daf4f95bfb4da9b7181f0a849c6cda74d1e9e689483b977ce76fb0b
SHA512

66a1493a3a56a1b5733f61a9329f6dd5c34becd1be49506255df3ebe631405212e4ef4d0e09878dc31d0533a238eba6389becc33fe8cbffed6d4cdb029706bc4
SSDEEP

49152:2KFKvDMOr9nrb/TSvO90d7HjmAFd4A64nsfJu1JDZUKs5FBsdkgyfrKpz0RJFXcI:6CXBs5dB73KnQqiH4fEBuNIZXp3r

Score

3^/10

discovery

Malware Config

Signatures

Enumerates kernel/hardware configuration 1 TTPs 1 IoCs

Reads contents of /sys virtual filesystem to enumerate system information.

discovery

System Information Discovery

T1082

description	ioc	Process
File opened for reading	/sys/kernel/mm/transparent_hugepage/hpage_pmd_size	dsf3rt324

/tmp/dsf3rt324
/tmp/dsf3rt324
1⤵
- Enumerates kernel/hardware configuration
PID:1561

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads