General

  • Target

    5441577a546a4ab2ae6ffd79ec3bd659.elf

  • Size

    107KB

  • Sample

    240402-rfjvcacg43

  • MD5

    5441577a546a4ab2ae6ffd79ec3bd659

  • SHA1

    18c89babc31f7cd007c37a935d81793333bc2640

  • SHA256

    053d0f530242cc21f19c727f8b7b76396948576a9a7c68b69f930bbd76b19954

  • SHA512

    9f9c09282311361d587ed40216bb561b2cd74c26845c6daeeca5e52107a66b3249e60a2ad9291b801608d5d5406cf4e905388e626f1c0482562a0e880414032f

  • SSDEEP

    3072:XYTlJvrj76epWE+yEHjsVxmbZrSdKjitXSrk:0vrj7CE+XHArmbZrSdKjitXSrk

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

141.98.7.37:65480

Targets

    • Target

      5441577a546a4ab2ae6ffd79ec3bd659.elf

    Score
    6/10
    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
