General
Target: 436f9295d0c0b800c3024eacc373a488.elf
Size: 133KB
Sample: 230403-ycymnagg62
MD5: 436f9295d0c0b800c3024eacc373a488
SHA1: 7ed89d0b5eace657232595649118951ddd3895c2
SHA256: f5d43378d020c27bfeea69b3b163f2d341237dfe3b26f34864b0b1d54e518922
SHA512: 9e95a1f82a8a4f165c85d5eee7bcb9bd4728848e290af6a469055c2cbd8bde86da8ccac9cad970fb0bc36dfcd71fa831ce0cd3ba561a9ac243f97c847e13ff87
SSDEEP: 3072:/ZqFo8x61DDko8x61DDBKrQMAEsjj6zbM5vGaVCJ23K3MbHry6celYTgAfZHXPh6:QdtcI5prmW+IFB16t1hJ/
Behavioral task
behavioral1
Sample: 436f9295d0c0b800c3024eacc373a488.elf
Resource: debian9-mipsbe-en-20211208
Malware Config
Extracted
gafgyt
185.225.73.130:667
Targets
Target: 436f9295d0c0b800c3024eacc373a488.elf
Score: 7/10

Reads system routing table
Gets active network interfaces from /proc virtual filesystem.

Reads system network configuration
Uses contents of /proc filesystem to enumerate network settings.