General
-
Target
x-8.6-.Hellfire.elf
-
Size
102KB
-
Sample
230403-xkrzeaac9z
-
MD5
c2bd76e251e8bb0c23aeaddc29cc9009
-
SHA1
ae90fc5754e5c2913bbab2e57948fb91163de6ae
-
SHA256
47bee2e3d9bc2c9e8e7b162e20896d15f295d095438dd4bae89efbd9fabef977
-
SHA512
5ecb7864ea4b7d24fc624a0f8d11f41600358489f830c384f0e0bce095eb12da6f1bca74a53aec82f1e2fbe72cca2ecab8783dfca44b03cf47e2858fcd61714f
-
SSDEEP
3072:Nkzqmj28SfJ4NLLBDtCJSgDoGum/KWOXA7aZYpe:18SfJ4VxADoGum/KWOXA7aZYpe
Behavioral task
behavioral1
Sample
x-8.6-.Hellfire.elf
Resource
ubuntu1804-amd64-20221111-en
Malware Config
Extracted
gafgyt
185.225.73.130:667
Targets
-
-
Target
x-8.6-.Hellfire.elf
-
Size
102KB
-
MD5
c2bd76e251e8bb0c23aeaddc29cc9009
-
SHA1
ae90fc5754e5c2913bbab2e57948fb91163de6ae
-
SHA256
47bee2e3d9bc2c9e8e7b162e20896d15f295d095438dd4bae89efbd9fabef977
-
SHA512
5ecb7864ea4b7d24fc624a0f8d11f41600358489f830c384f0e0bce095eb12da6f1bca74a53aec82f1e2fbe72cca2ecab8783dfca44b03cf47e2858fcd61714f
-
SSDEEP
3072:Nkzqmj28SfJ4NLLBDtCJSgDoGum/KWOXA7aZYpe:18SfJ4VxADoGum/KWOXA7aZYpe
Score7/10-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-
Reads system network configuration
Uses contents of /proc filesystem to enumerate network settings.
-