General
-
Target
4544b40ca36171545258a459a4f7998b.bin
-
Size
40KB
-
Sample
230402-bv3m1afc4t
-
MD5
cdd4fa3dff3b972db77b4f19688297bf
-
SHA1
9dd49ec5af602ade685b855689b21175a8909a5b
-
SHA256
b204fd59ab029a910225508ac0a58b9a21ff849852faa8bdee45ae90dcce9687
-
SHA512
caf3adcfebb6ab70e3aec3881fdc9fbe618a6a942acf4f4b711f724e9ac8044f663dac322e96e8d0ca6c1a8ad3063b5237563d42da85ad5579e3802810b34050
-
SSDEEP
768:RCiMH743n7yUpB9LAd4Z3OsE16W0es0nJrBq5XZF94cGRZlIKqOvBxe8:R/MHEhpLg44gryA5XaRZSKqGT
Behavioral task
behavioral1
Sample
3441b0320fe7ff51f243a71250ec19502a2a2cc7d4ca41247483c791be61d1f1.elf
Resource
ubuntu1804-amd64-en-20211208
Malware Config
Extracted
gafgyt
5.249.162.136:4258
Targets
-
-
Target
3441b0320fe7ff51f243a71250ec19502a2a2cc7d4ca41247483c791be61d1f1.elf
-
Size
91KB
-
MD5
4544b40ca36171545258a459a4f7998b
-
SHA1
d069d8e49e403d7b4bb825f761bc71bd8403ca2f
-
SHA256
3441b0320fe7ff51f243a71250ec19502a2a2cc7d4ca41247483c791be61d1f1
-
SHA512
7bf4ae37e2119c8f9e45134ae465a87d33840f94c863928da4bb9899c596d66ea78225127f0bcd16aaa806eba8aaac2b4a6d8ddf4232357c269f358d826ec81b
-
SSDEEP
1536:p7rHXokXsWFVSzkfLEkZAT5ipG5v3QphauH/VPNlDDUg6I9um2Xj5YZb0e:pcCPOkfQfNipGdQphaE/XVog99um2XFY
Score7/10-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-
Reads system network configuration
Uses contents of /proc filesystem to enumerate network settings.
-