General
-
Target
43fd2650af8361e25303aae364851ad3.elf
-
Size
108KB
-
Sample
230404-f7qanadb32
-
MD5
43fd2650af8361e25303aae364851ad3
-
SHA1
257c2f407f104b94f3ae41a067518c6ba7760146
-
SHA256
e6411ff579e0376db79da61ea475afa364f930f32120c049810aa7f6edf56b06
-
SHA512
101d21319945c4de70ffe113bbc6e7892e7e51453718ad21c1b77477f97e472a4b4b4f5b8676daef57a8531fac9c774836a921b89ed33f47032986dcf3d50dfc
-
SSDEEP
3072:b6an17WtsWhdgYJs0D6mbPbmTQOWsXAOn:Wan17WPJs0D6ibmTQOWCAOn
Behavioral task
behavioral1
Sample
43fd2650af8361e25303aae364851ad3.elf
Resource
debian9-armhf-20221111-en
Malware Config
Extracted
gafgyt
185.225.74.67:839
Targets
-
-
Target
43fd2650af8361e25303aae364851ad3.elf
-
Size
108KB
-
MD5
43fd2650af8361e25303aae364851ad3
-
SHA1
257c2f407f104b94f3ae41a067518c6ba7760146
-
SHA256
e6411ff579e0376db79da61ea475afa364f930f32120c049810aa7f6edf56b06
-
SHA512
101d21319945c4de70ffe113bbc6e7892e7e51453718ad21c1b77477f97e472a4b4b4f5b8676daef57a8531fac9c774836a921b89ed33f47032986dcf3d50dfc
-
SSDEEP
3072:b6an17WtsWhdgYJs0D6mbPbmTQOWsXAOn:Wan17WPJs0D6ibmTQOWCAOn
Score7/10-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-
Reads system network configuration
Uses contents of /proc filesystem to enumerate network settings.
-