General

  • Target

    74543886e68105c88ece01d466cbe14f.elf

  • Size

    166KB

  • Sample

    240402-g9gxqsag54

  • MD5

    74543886e68105c88ece01d466cbe14f

  • SHA1

    3888fb28137fb2a2ee98676af1480c04df42cfd3

  • SHA256

    6f1b236e27c01dfa1c53fa923ca5a8265f57c391ff270d5e82445beb25fa95fb

  • SHA512

    b8b1612651719e0b835b911b5375f470ac698fb4e78d5062de7adf653bfcd7ca87c1a314f352a68712cecbdbbcdebbaee38bb248d43d7a915146ed1d57e32344

  • SSDEEP

    3072:cyd1BPL8Z60aMnGjuog68Fi5L95hM1D1/6JrTRxmfQOYbr5Wn:Lz060auGjJ5L95he/6XxmfQOYbr5Wn

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

94.156.8.109:671

Targets

    • Target

      74543886e68105c88ece01d466cbe14f.elf

    Score
    6/10
    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
