CPU Info

Overview

Evidence: CPU Info
Description: ESXi CPU Info
Category: System
Platform: esxi
Short Name: cpuinfo
Is Parsed: Yes
Sent to Investigation Hub: Yes
Collect File(s): No

Background

ESXi CPU information provides detailed processor characteristics including core counts, speeds, cache configurations, and architecture details. This data establishes a hardware baseline for the investigated host and can reveal hardware-specific vulnerabilities or performance anomalies that may indicate cryptomining or resource abuse.

Data Collected

This collector gathers structured data about CPU info.

CPU Info Data

| Field | Description | Example |
|---|---|---|
| CPUID | CPUID | 123 |
| PackageID | Package ID | 123 |
| Family | Family | 123 |
| Model | Model | 123 |
| Type | Type | 123 |
| Stepping | Stepping | 123 |
| Brand | Brand | Example value |
| CoreSpeed | Core Speed | 123 |
| BusSpeed | Bus Speed | 123 |
| APICID | APICID | Example value |
| Node | Node | 123 |
| L2CacheSize | L2 Cache Size | 123 |
| L2CacheAssociativity | L2 Cache Associativity | 123 |
| L2CacheLineSize | L2 Cache Line Size | 123 |
| L2CacheCPUCount | L2 Cache CPU Count | 123 |
| L3CacheSize | L3 Cache Size | 123 |
| L3CacheAssociativity | L3 Cache Associativity | 123 |
| L3CacheLineSize | L3 Cache Line Size | 123 |
| L3CacheCPUCount | L3 Cache CPU Count | 123 |

Collection Method

This collector parses CPU information files, extracting processor IDs, package/core/thread counts, vendor details, model numbers, family information, stepping, CPU speeds, bus speeds, APIC IDs, NUMA node assignments, and L2/L3 cache specifications for each physical CPU package.

Forensic Value

CPU configuration data helps validate host identity, detect hardware changes, and identify resource exhaustion patterns. Unusual CPU utilization correlated with CPU capabilities may indicate cryptomining, resource hijacking, or VM escape attempts. Cache and NUMA topology also assist in understanding side-channel attack feasibility.
