General
-
Target
cf068be65e5cde6c25feb311671b0f30.elf
-
Size
112KB
-
Sample
230402-sjfsjaac7s
-
MD5
cf068be65e5cde6c25feb311671b0f30
-
SHA1
2cd3dbfd02f0964e589050c8ce5df06c2eb5dbf3
-
SHA256
9702dc811c05ceb5a80b465c966ab392dde2bf6442f59b8dddf1b5106577b1c7
-
SHA512
f7bac552eb96984669ee1e82bc8a978e6ca3ac7366c4664ae36c0a71eed03e72b427b19197cad635104e4fec6c27a29611380ee0a4d1fce77c028cc3f89b1dc3
-
SSDEEP
3072:Ld5aPO2ONvarAJy9n5h/8KkGdAQvkbmOQUJ1UXpTn:Z5aPO7s9n5h/8KL2QcbmOQUJ1apTn
Behavioral task
behavioral1
Sample
cf068be65e5cde6c25feb311671b0f30.elf
Resource
debian9-armhf-20221111-en
Malware Config
Extracted
gafgyt
43.153.37.45:707
Targets
-
-
Target
cf068be65e5cde6c25feb311671b0f30.elf
-
Size
112KB
-
MD5
cf068be65e5cde6c25feb311671b0f30
-
SHA1
2cd3dbfd02f0964e589050c8ce5df06c2eb5dbf3
-
SHA256
9702dc811c05ceb5a80b465c966ab392dde2bf6442f59b8dddf1b5106577b1c7
-
SHA512
f7bac552eb96984669ee1e82bc8a978e6ca3ac7366c4664ae36c0a71eed03e72b427b19197cad635104e4fec6c27a29611380ee0a4d1fce77c028cc3f89b1dc3
-
SSDEEP
3072:Ld5aPO2ONvarAJy9n5h/8KkGdAQvkbmOQUJ1UXpTn:Z5aPO7s9n5h/8KL2QcbmOQUJ1apTn
Score7/10-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-
Reads system network configuration
Uses contents of /proc filesystem to enumerate network settings.
-