General

  • Target

    20ac928a32d7259907e93b82c7a9a046.bin

  • Size

    67KB

  • Sample

    240331-bgt4psba2v

  • MD5

    92fa3e10c83640a1fb46ebba6d77e087

  • SHA1

    a942a5b1a3f63b6697f00f4c3478fa99adc4eca4

  • SHA256

    57e5c44ca33d338d54177becc588ffa4187b5cebf6f870acd72018a57ffc1999

  • SHA512

    a4add76e0e5e577dd6fbbe57f311bd2b98471db5c7de6c06960afc30bb189af791aa540af3bd5992865eb77631d68f8217d379bb0353dce17bab28a1b1829401

  • SSDEEP

    1536:XlfpwzCGszl8uWsIMrk1iq4zzKj7MqBpkuK7Cdn:ZpwzfessIMrkn4HKj7MikuKwn

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

193.35.18.56:65490

Targets

    • Target

      97cf5198be05d13e85a49e4720b2050f2af110ae775bcd6c180391e8853ecd7f.elf

    • Size

      162KB

    • MD5

      20ac928a32d7259907e93b82c7a9a046

    • SHA1

      d63d1860d7cec58ad0ecfde259644c1f94691f95

    • SHA256

      97cf5198be05d13e85a49e4720b2050f2af110ae775bcd6c180391e8853ecd7f

    • SHA512

      7697bcc693fd60e9c9d8146a2d5561a2e6de288a2b9f04da47dbf0299239a6fa9463626264e16cd91229b43e3bc9d895d05a20f84031dcbe95aa66168b2b5ab7

    • SSDEEP

      3072:EEz42nad2snP1yJShni71cvvK5SXeE2DxVsWmJhny2qAQYzc:znad2sn9yqi7mvvKcXeE2DxVsWmJhnyL

    Score
    7/10
    • Changes its process name

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

MITRE ATT&CK Enterprise v15

Tasks