General

  • Target

    eb29845c5b37100c3ab5e4e503ea5e82.elf

  • Size

    124KB

  • Sample

    240402-g9gxqsac4w

  • MD5

    eb29845c5b37100c3ab5e4e503ea5e82

  • SHA1

    cc310694aceb8d08919b878efbd72eb46868d155

  • SHA256

    159c47b679b7c7f0887ecf4fd48e046700f1d5c30d985a5249e2299c0e626cd9

  • SHA512

    50392df5f7d5d4624fb47ce41777f0d0d236766e785bee787dc81c73e1f204a30177001ee9e6645be71d24ed5132cad36556999fd5de48aeaaff6fd92f78c390

  • SSDEEP

    3072:TWpbc37+Qp2nrkGJc/85hJY7rpmJC0OzQaGyPZk:T9Lyc/85hJkmJC0OzQaGyPZk

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

92.249.48.166:23

Targets

    • Target

      eb29845c5b37100c3ab5e4e503ea5e82.elf

    • Size

      124KB

    • MD5

      eb29845c5b37100c3ab5e4e503ea5e82

    • SHA1

      cc310694aceb8d08919b878efbd72eb46868d155

    • SHA256

      159c47b679b7c7f0887ecf4fd48e046700f1d5c30d985a5249e2299c0e626cd9

    • SHA512

      50392df5f7d5d4624fb47ce41777f0d0d236766e785bee787dc81c73e1f204a30177001ee9e6645be71d24ed5132cad36556999fd5de48aeaaff6fd92f78c390

    • SSDEEP

      3072:TWpbc37+Qp2nrkGJc/85hJY7rpmJC0OzQaGyPZk:T9Lyc/85hJkmJC0OzQaGyPZk

    Score
    6/10
    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

MITRE ATT&CK Enterprise v15

Tasks