General
Target: e1999a446f33992721b9df541f3fe535.bin
Size: 53KB
Sample: 240331-cekb6acc86
MD5: 27f0b3ab647952394b49adb32a86f5ce
SHA1: 1e404ff4bc6416896f5ca4064d6d73f8d8c23708
SHA256: 573561a7ae1c5e316831f1702d6ef9f71501ffba7c3a62932668b9de3e6f9ccd
SHA512: d612d43b6324ef4b71597b50cab98d0fdad2375e09b528c6c2e645580a4e3ac0c3673aed06723e8dfa2ac22a3fded0981b0e103223efedee694eb764ab613bb9
SSDEEP: 1536:BjMuPL++hXisElGl1Xy+UnZOnYW9bZY0edR+R5a:quPq+osEGiMnZnY0edRC5a
Behavioral task: behavioral1
Sample: 4e1b008eda17d2c057157e0c6d533d7948729d31e0d76c4cbfc8a565236e4d52.elf
Resource: debian12-mipsel-20240221-en
Malware Config
Extracted
gafgyt
193.35.18.56:65490
Targets
Target: 4e1b008eda17d2c057157e0c6d533d7948729d31e0d76c4cbfc8a565236e4d52.elf
Size: 154KB
MD5: e1999a446f33992721b9df541f3fe535
SHA1: 28ff7d2736c65d89f40ce5b0adeca5be17e1a7e3
SHA256: 4e1b008eda17d2c057157e0c6d533d7948729d31e0d76c4cbfc8a565236e4d52
SHA512: fa99fc23ba6de57ecbb0c9ea3f4b88eded0e1df2a6a81c0b4316756a8c146110da06f0549af1e10319f96e539ebb9bf5c4dba8f7a5fb04ff7ec7278a93f88bab
SSDEEP: 3072:No9q1+5V/JjAjyvvK5G0rrpOWmnVv5A46/Dc:No9aUjAjyvvKE0rYWmnVv5AL/Dc
Score: 7/10

Changes its process name

Reads system routing table
Gets active network interfaces from /proc virtual filesystem.