General

  • Target

    4ec4509374209942b945832b64317e9f.elf

  • Size

    122KB

  • Sample

    240329-knqjjaeb64

  • MD5

    4ec4509374209942b945832b64317e9f

  • SHA1

    df26584fe5adb927c13da7bcc1aff7ed5c060a51

  • SHA256

    7729b0a237a38cf3ea7fed6f1ee11aaab753269496a34a97a2c66b80b0c50e0c

  • SHA512

    d2448a8db6699be48b535dd4affc6b7125dc84aaac83a5989b43163179cbf4a848c1d9715669cfac7456c83f72ed49e7263a327b681315ff98b663865f28219d

  • SSDEEP

    3072:DaiyMSElvPdVQF9nshoQnmGvqvvK5bhDNPyWmREKNSQieXAZc:fyiv1gnsyQnLvqvvKNhDByWmREKNSQio

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

193.35.18.56:65490

Targets

    • Target

      4ec4509374209942b945832b64317e9f.elf

    Score
    7/10
    • Changes its process name

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
