Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

5d6230eb45...68.elf

debian-9-mips

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    79e2f80678e32f7a8e4acaeb503a99cd.bin

  • Size

    39KB

  • Sample

    240316-bz1zzagg31

  • MD5

    e60d4bd55657aff82b47e2cec99868fc

  • SHA1

    fd69af2ac709b1addee5c57beb1f86632bd981e2

  • SHA256

    7bef962eb856fc92068bd4accccf5efc68b0b5bf574cb8052c990a7bbd508498

  • SHA512

    de5ec923773c90a4b31246b7495169ea4a604931abcf4550664d4f932ce95de4f30dd3559a4c21a939d10cda7f8261af5b6e7118ab3c0ebe0565982f34692ef9

  • SSDEEP

    768:wux0FihHb4aHfZkkWdM5N5oNKXP7ycZVFW3BEllxL5iBH9ZayV7r:h4aHxkdM5o+yin6BAiZaI3

Score
10/10
gafgyt

Malware Config

Extracted

Family

gafgyt

C2

45.144.165.227:22

Targets

    • Target

      5d6230eb45280135c1e5bf43b45ba8c1a64c4a9af8cb822845d691b3706d8068.elf

    • Size

      110KB

    • MD5

      79e2f80678e32f7a8e4acaeb503a99cd

    • SHA1

      ad92e126bea61a78d7cf3fd903a75d9fc9cffce7

    • SHA256

      5d6230eb45280135c1e5bf43b45ba8c1a64c4a9af8cb822845d691b3706d8068

    • SHA512

      24a540cec51ec5ab69642a5cee5d8e4598d195f9a365aff0b2f34ba38d09da9932091c63873f1525db0905ffbab3c8a332f7849e42a4be429d629cd37dd06f6e

    • SSDEEP

      3072:R/4tNF9U4vvyKw6J73x8UmkiSFxfKxbXe:BUNFK+y8T8UmkiSFxfKxbXe

    Score
    6/10

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks