49290f83b42d99c5314f8bf07479509cc69fbf20586c1e5826fc739e6ad0889a

Analysis

max time kernel
0s
max time network
132s
platform
ubuntu-22.04_amd64
resource
ubuntu2204-amd64-20250307-en
resource tags

arch:amd64arch:i386image:ubuntu2204-amd64-20250307-enkernel:5.15.0-105-genericlocale:en-usos:ubuntu-22.04-amd64system
submitted
19/03/2025, 06:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

chme
Size

14KB
MD5

d1b8293ff502f14d94a1c85e71a16509
SHA1

a5ab41b4a2d4789729a5e27b72d18e168ecc020e
SHA256

d2ae9517513b7c2a5fe91d2bbf2b229e886dceb6bd91681dd93fbff148679707
SHA512

8c95a42f57e15fc32cede7ab5c09bad685dde79adafdc20015b0d4ff04ce77f22fb522193a3f1f4b3d65ff84b4a16ec715073db81a54004da0272abcc8f2e7f7
SSDEEP

384:qoMQ2avXvn/3PHfXvn/3PHfayqC7ir4kqQm:34sXvn/3PHfXvn/3PHfayqC7kxbm

Score

4^/10

discovery

Malware Config

Signatures

Reads CPU attributes 1 TTPs 1 IoCs

discovery

System Information Discovery

T1082

description	ioc	Process
File opened for reading	/sys/devices/system/cpu/online	chme

Reads runtime system information 4 IoCs

Reads data from /proc virtual filesystem.

discovery

description	ioc	Process
File opened for reading	/proc/uptime	chme
File opened for reading	/proc/loadavg	chme
File opened for reading	/proc/self/auxv	chme
File opened for reading	/proc/sys/kernel/osrelease	chme

/tmp/chme
/tmp/chme
1⤵
- Reads CPU attributes
- Reads runtime system information
PID:1571

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads