General
-
Target
43026ac08eb41f4464a8cefecb8b9f7140f54ed598c2d2bc8e868fa0c063c0c5.elf
-
Size
114KB
-
Sample
240330-ckenvseg7z
-
MD5
8cd2686d55d8abf6c5f626c71d94a8ff
-
SHA1
0c808f720090c41f1a397360eb66e5a238ad8f73
-
SHA256
43026ac08eb41f4464a8cefecb8b9f7140f54ed598c2d2bc8e868fa0c063c0c5
-
SHA512
c9ffce6fb7b8dc8ac91015452a5927f275994ed27b6fd1c7eb10eeb351d4dd4c16d7676a6a2c9066873163f7519e540b0c7caf186210f52198009ba948e6316f
-
SSDEEP
3072:d1TYGMLI+pnNPEXR8emVs3woJBhWmkI7w/7H4ob:djYEXR8LohWmkI7w/T4ob
Behavioral task
behavioral1
Sample
43026ac08eb41f4464a8cefecb8b9f7140f54ed598c2d2bc8e868fa0c063c0c5.elf
Resource
ubuntu2004-amd64-20240221-en
Malware Config
Extracted
gafgyt
193.35.18.56:65490
Targets
-
-
Target
43026ac08eb41f4464a8cefecb8b9f7140f54ed598c2d2bc8e868fa0c063c0c5.elf
-
Size
114KB
-
MD5
8cd2686d55d8abf6c5f626c71d94a8ff
-
SHA1
0c808f720090c41f1a397360eb66e5a238ad8f73
-
SHA256
43026ac08eb41f4464a8cefecb8b9f7140f54ed598c2d2bc8e868fa0c063c0c5
-
SHA512
c9ffce6fb7b8dc8ac91015452a5927f275994ed27b6fd1c7eb10eeb351d4dd4c16d7676a6a2c9066873163f7519e540b0c7caf186210f52198009ba948e6316f
-
SSDEEP
3072:d1TYGMLI+pnNPEXR8emVs3woJBhWmkI7w/7H4ob:djYEXR8LohWmkI7w/T4ob
Score7/10-
Changes its process name
-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-