General

  • Target

    a479a03f77007562d6ccb98a4c1204d6.elf

  • Size

    101KB

  • Sample

    240402-rjed2ach35

  • MD5

    a479a03f77007562d6ccb98a4c1204d6

  • SHA1

    e9c4afe8dd1a9007ededbae2db5ebaa8ac48f699

  • SHA256

    460678c60810fb388ba3b35325204c4f88266cddf25541f18434c7a1b854d4d4

  • SHA512

    e6d86be2f3a8d30dfbd3d026af04853af671855757b2f6f412b56e4a1f464f5c193c5d6ef6a13411f25eced93608515ee2ded446952b5607033d78b7c3be7c13

  • SSDEEP

    1536:DoZlzYPSf5l9vrV0fRRLT5e3Xx2uknBmOCQUHpQLcjjY4ttpm8QqS7ojkEEXaZk:oYsl9vrKfs3CnrUHeIm8QqS7ojfEXaZk

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

141.98.7.37:65480

Targets

    • Target

      a479a03f77007562d6ccb98a4c1204d6.elf

    • Size

      101KB

    Score
    6/10
    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
