Execution of uname -s -v -n -r -m to collect kernel and architecture details, uptime -p for system uptime, lspci queries to extract and count VGA-class PCI devices, and nvidia-smi -q filtering for product name to identify NVIDIA GPU models. This pattern reflects layered GPU identification using both PCI enumeration and NVIDIA driver-level queries, combined with basic host system metadata collection.

Execution of uname -s -v -n -r -m to retrieve kernel and architecture details, uptime -p for human-readable system uptime, and lspci | grep VGA | cut -f5- -d ' ' to extract VGA-class PCI device information. This pattern reflects lightweight host profiling combined with basic GPU identification.

Identifies SSH sessions where the actor performs structured hardware reconnaissance including CPU core enumeration, GPU detection via nvidia-smi, VGA/3D controller inspection via lspci, system uptime queries, and kernel/architecture fingerprinting to assess computational capabilities of the compromised host.