General

  • Target

    e80d18ff4aa7463af7d0508271d58fc7.bin

  • Size

    41KB

  • Sample

    230316-jdq7msca41

  • MD5

    2ad2e8c536abd29803430759b9c96158

  • SHA1

    27de43f48486ca57767fb554ec79c4d3e253c65a

  • SHA256

    cb6335490ae2e52f88dd4bdc92f87d1c4f2d23dbb0941368d5dce04a3dae2ee5

  • SHA512

    00a5246db312971e4011a38cc9c3bbf0a4f04253cfd0151413e150d5fb63f871568c9ffb17aa26859c72703804a9621ec77bf2e7996edb8c3d03fcc8f46e0c2e

  • SSDEEP

    768:7Zqlms5FVqZOhhpbnhc8GJyGqntXcT8UKppPsoiI8JCpJw4G4nxvlV68Yp8o:clms7VhhCzyrMTaHPsbF4nxwX

Score
10/10

Targets

    • Target

      e1102ba673a1a82ec70c5b6b20e48af30a6b422670b74cb9c094ca0e12930c4d.elf

    • Size

      92KB

    • MD5

      e80d18ff4aa7463af7d0508271d58fc7

    • SHA1

      5911745e8312bb1087ef791afa00aa072c5ec627

    • SHA256

      e1102ba673a1a82ec70c5b6b20e48af30a6b422670b74cb9c094ca0e12930c4d

    • SHA512

      8e874a19145e39475016c8e57040db4d28bda01e000105abe5c992cde8d3295a19db28e02252628a95fce8506d5a6a1270455c7e44a0fd7c366ba06f9ea64fca

    • SSDEEP

      1536:W7uJtxNeVE8zV7aKlvhE1hmkJ0S36W6bWjK3wyPXfH0mA+KWOXFseaZYxe:4SsVEeVZlpmXJ0O6WpjKgifUm/KWOXFE

    Score
    7/10
    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Reads system network configuration

      Uses contents of /proc filesystem to enumerate network settings.
