General
-
Target
f45dc498c9350e739806eb6ac395f3c7.elf
-
Size
108KB
-
Sample
230408-3nvscsfh23
-
MD5
f45dc498c9350e739806eb6ac395f3c7
-
SHA1
f5dd82204f46f2cd9e00b99f9c88031300f4be81
-
SHA256
bc115d1d699a603126e831813eb5204bca6749610f381f1273ad00f925f6d009
-
SHA512
78ae985dbde6f9360653823c8e718d2823ee5493fd2ae6e28def03f09a0eeb97510ab751bcb55a4c720903e91b4f880fc621dccc1d96b28dc5890c02c40f0d91
-
SSDEEP
3072:xbb5LatrDOa8YDOZ8Gvmpr5womiQ9WtX9+a:xbb5mDOauZ8GcwomiQ9Wx9+a
Behavioral task
behavioral1
Sample
f45dc498c9350e739806eb6ac395f3c7.elf
Resource
debian9-armhf-en-20211208
Malware Config
Extracted
gafgyt
104.193.255.117:1234
Targets
-
-
Target
f45dc498c9350e739806eb6ac395f3c7.elf
-
Score
7/10
-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-
Reads system network configuration
Uses contents of /proc filesystem to enumerate network settings.
-