General

  • Target

    24654be7bb525a3634f7d1229e965f62.elf

  • Size

    120KB

  • Sample

    240402-kjp27sca7x

  • MD5

    24654be7bb525a3634f7d1229e965f62

  • SHA1

    60aa083370cbf38db1d73b0aebf293a0c1ffdf1e

  • SHA256

    d71b600752b028cb1666c54b600c5fcdaeb74575fdf59094f49923aa1416435f

  • SHA512

    6cdd187a31f0145107f9dcee9167a791fe37d57fddf79e8c2b2131b14542343945d2329c9e1d067f1845c383d095ccc2673a1a4cdfe12b448df85bea4e9622be

  • SSDEEP

    3072:ShhAfn3U8UXULUwUbUJ1hYlHRRDsBOnRt5h0kE5mJC0OzQaGyPZk:SAf3ts05gehYlxO4Rt5h0nmJC0OzQaGN

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

92.249.48.166:23

Targets

    • Target

      24654be7bb525a3634f7d1229e965f62.elf

    Score
    6/10
    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
