General

  • Target

    fb6fb2563df6d09b159a186f2d2cc0680370c3a162e4a480fc6827bb81b6015c.elf

  • Size

    98KB

  • Sample

    240330-cxffxsfh44

  • MD5

    cdc66da4c5dce819f515426efe4b42c2

  • SHA1

    eef7fe700252700696aba59df75c9e96332340f6

  • SHA256

    fb6fb2563df6d09b159a186f2d2cc0680370c3a162e4a480fc6827bb81b6015c

  • SHA512

    00b6056c616defaa388cf614b0948a3746b0827b770bf633d4e3f4b3b8f5bce85d72e8bfc4e5d5a318c65f4f06221cabec5d27ef077c99d6690d18d7d6a99493

  • SSDEEP

    3072:Dk6A8U8UqUjaErZLunCgTiSWTvUXR8ePdaH1nzyWmyezXdKCYdoq:Dm8frga0ZLuHGSWTsXR8adgnzyWmyezq

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

193.35.18.56:65490

Targets

    • Target

      fb6fb2563df6d09b159a186f2d2cc0680370c3a162e4a480fc6827bb81b6015c.elf

    Score
    7/10

    • Changes its process name

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
