49290f83b42d99c5314f8bf07479509cc69fbf20586c1e5826fc739e6ad0889a | Triage

Analysis

max time kernel
0s
max time network
129s
platform
ubuntu-24.04_amd64
resource
ubuntu2404-amd64-20250307-en
resource tags

arch:amd64arch:i386image:ubuntu2404-amd64-20250307-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
submitted
19/03/2025, 06:15

Sharing

Report Analysis Logs

General

Target

systemctl
Size

1.3MB
MD5

d5462e5598d0598ed181b0e9d38ac9bc
SHA1

5c169bcaedbc1b809d794bda1afc2dab9e9e08f1
SHA256

f9cee6d2d8f5c66ce0676b46036866c416f349313260717fea13d4a62201792f
SHA512

44b4b9404861f769abcc25aeb5d3ae3f222b837115b4c837f95f8849ec6d82a45c2ea4f2b8c33f89d706890941f99ebe822c780e7591cb9cc8a0dae9502a6c69
SSDEEP

24576:5DsB7qCB0FwV8G10LzJYsN+m7QdXOA5K:S1q7FwqE0LzJYsN+m8dXr

Score

3^/10

discovery

Malware Config

Signatures

Reads runtime system information 1 IoCs

Reads data from /proc virtual filesystem.

description	ioc	Process
File opened for reading	/proc/self/maps	grep

/tmp/systemctl
/tmp/systemctl
1⤵
PID:2493

/usr/local/sbin/sh
sh /dev/fd/3
1⤵
PID:2493

/usr/local/bin/sh
sh /dev/fd/3
1⤵
PID:2493

/usr/sbin/sh
sh /dev/fd/3
1⤵
PID:2493

/usr/bin/sh
sh /dev/fd/3
1⤵
PID:2493
- /usr/bin/mctes
  /usr/bin/mctes
  2⤵
  PID:2495
- /usr/bin/grep
  grep -v "Server Service"
  2⤵
  - Reads runtime system information
  PID:2496

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads