General

  • Target

    28de33f3b036dc628612c11cf4c8a080.elf

  • Size

    128KB

  • Sample

    240402-rjzpzach48

  • MD5

    28de33f3b036dc628612c11cf4c8a080

  • SHA1

    7cbc723179d166b033dab9fcaa5be61e6f0fc0d3

  • SHA256

    0fa517469b80788a5d9d1e3c38e21b2fe5cdc3d3eb5073bf1932d93ffea86371

  • SHA512

    b3b7e12a0cce4ac616448fc96d1d471d04dd3574239e3d5219d05ca19a3f15f0ed15ca0bb771987c18756c02bc0195ba673266dbb76b7baffd823100f4d31f4a

  • SSDEEP

    1536:qOyl+GxoTGPh+PrI52rK8Lq3qLqdqkC2rK82qmq+A1R2euZNRJnbYUmTEOFmUDfL:2ruA0A1RCnJnbYUmTEOFmUD2sLWk

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

141.98.7.37:65480

Targets

    • Target

      28de33f3b036dc628612c11cf4c8a080.elf

    Score
    6/10
    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
