General

  • Target

    285418c5f17819c83932f4c42809f9b7

  • Size

    165KB

  • Sample

    240220-2sefhage72

  • MD5

    285418c5f17819c83932f4c42809f9b7

  • SHA1

    e5b438026f9e9862df34e2d7eb5a1642f1f5004f

  • SHA256

    2fcede6b116076661ecb2ec903f38c34d47fc98e999d395b85efbe84703bc0ce

  • SHA512

    952b4969a4b0ecb7f1771f5c1854453b5aa9f0c8e778d9509afdfe60d805d458fff4c69f4a4c93d3e334aa0fa2243050f8df664ce27dd343e1ebd857ed7651b0

  • SSDEEP

    3072:hxkUUnWy5cv49uUzeVr2mmQ1N031Kw6uP/n2bhtBeUmMJvkmBqs7WxlvWQcY1EKD:hFUWy5cA9uRSYi3k/E/2peUmu5IBlvWE

Malware Config

Extracted

Family

gafgyt

C2

239.255.255.250:1900

Targets

    Score
    7/10
    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.
