Overview

overview

10

Static

static

10

455af1d6ac...0ea523

debian-9-armhf

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    455af1d6ac8d4b12a50ffa588b435da70e62462cf9a99530bd35238efa0ea523

  • Size

    125KB

  • Sample

    221130-qlmbzsgc5t

  • MD5

    d764516118f61c4e8a258b07ae93c10e

  • SHA1

    f39dc323ebabf36f8e4db08304bdf6c0e1807729

  • SHA256

    455af1d6ac8d4b12a50ffa588b435da70e62462cf9a99530bd35238efa0ea523

  • SHA512

    9cdb852b4a5909c468cd0cb1f6355663187159b0acc34123e1cff0ea76733a19fa728b0942208f47f501b6f1ecd68084bb8ee8d1f018c120a6132e7b6763a79d

  • SSDEEP

    3072:+ydzaYTYLtjCeWaoGM5hn0Gcd6SYQzvbmoQCYynXYTN:xzaYTYLoGM5hn0GS1jbmoQCYyXYTN

Score
10/10
gafgyt

Malware Config

Targets

    • Target

      455af1d6ac8d4b12a50ffa588b435da70e62462cf9a99530bd35238efa0ea523

    • Size

      125KB

    • MD5

      d764516118f61c4e8a258b07ae93c10e

    • SHA1

      f39dc323ebabf36f8e4db08304bdf6c0e1807729

    • SHA256

      455af1d6ac8d4b12a50ffa588b435da70e62462cf9a99530bd35238efa0ea523

    • SHA512

      9cdb852b4a5909c468cd0cb1f6355663187159b0acc34123e1cff0ea76733a19fa728b0942208f47f501b6f1ecd68084bb8ee8d1f018c120a6132e7b6763a79d

    • SSDEEP

      3072:+ydzaYTYLtjCeWaoGM5hn0Gcd6SYQzvbmoQCYynXYTN:xzaYTYLoGM5hn0GS1jbmoQCYyXYTN

    Score
    7/10

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

    • Reads system network configuration

      Uses contents of /proc filesystem to enumerate network settings.

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

2
T1016

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks