General
-
Target
4ec4509374209942b945832b64317e9f.elf
-
Size
122KB
-
Sample
240329-knqjjaeb64
-
MD5
4ec4509374209942b945832b64317e9f
-
SHA1
df26584fe5adb927c13da7bcc1aff7ed5c060a51
-
SHA256
7729b0a237a38cf3ea7fed6f1ee11aaab753269496a34a97a2c66b80b0c50e0c
-
SHA512
d2448a8db6699be48b535dd4affc6b7125dc84aaac83a5989b43163179cbf4a848c1d9715669cfac7456c83f72ed49e7263a327b681315ff98b663865f28219d
-
SSDEEP
3072:DaiyMSElvPdVQF9nshoQnmGvqvvK5bhDNPyWmREKNSQieXAZc:fyiv1gnsyQnLvqvvKNhDByWmREKNSQio
Behavioral task
behavioral1
Sample
4ec4509374209942b945832b64317e9f.elf
Resource
debian9-armhf-20240226-en
Malware Config
Extracted
gafgyt
193.35.18.56:65490
Targets
-
-
Target
4ec4509374209942b945832b64317e9f.elf
-
Size
122KB
-
MD5
4ec4509374209942b945832b64317e9f
-
SHA1
df26584fe5adb927c13da7bcc1aff7ed5c060a51
-
SHA256
7729b0a237a38cf3ea7fed6f1ee11aaab753269496a34a97a2c66b80b0c50e0c
-
SHA512
d2448a8db6699be48b535dd4affc6b7125dc84aaac83a5989b43163179cbf4a848c1d9715669cfac7456c83f72ed49e7263a327b681315ff98b663865f28219d
-
SSDEEP
3072:DaiyMSElvPdVQF9nshoQnmGvqvvK5bhDNPyWmREKNSQieXAZc:fyiv1gnsyQnLvqvvKNhDByWmREKNSQio
Score7/10-
Changes its process name
-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-