General

  • Target

    d128cd316b18328301e7127f59d16a02.elf

  • Size

    168KB

  • Sample

    240220-2q4mlsga5v

  • MD5

    d128cd316b18328301e7127f59d16a02

  • SHA1

    26bae1e3ec8d4043b3c0c0c68d6c538782856eca

  • SHA256

    3f1389bc57d457bf9dfc0cd70ddd2fba878eea14db51bb54944579fb85990d8e

  • SHA512

    93ded5471caf892b1ce5049363468c65b92c03365f048f064e2ade2190f7a913c70c497eca62d8d0ff6b4fc758bb6b4ce37363fc56fd37737bf8f269243740fe

  • SSDEEP

    3072:8PSi28gcKeX9BCHDd4tccPifbAI9XYM2bkzBe/B+hVn8vWQcY1EKk5WcTM:B8gSGd4pPCf9XY1Ke/ghZ8vWQcY1EKkM

Malware Config

Extracted

Family

gafgyt

C2

239.255.255.250:1900

Targets

    • Target

      d128cd316b18328301e7127f59d16a02.elf

    Score
    7/10
    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

MITRE ATT&CK Enterprise v15

Tasks
