General

  • Target

    479a59d369b590829900787ec24f57c2.elf

  • Size

    209KB

  • Sample

    240424-ml4dqagh53

  • MD5

    479a59d369b590829900787ec24f57c2

  • SHA1

    80b7168501a5ce3133c45c7b0c1806b28df37240

  • SHA256

    6700fd45772662f76aed607a2549250c2e3c00da716b28d0de74e442cfe722ea

  • SHA512

    c26a8ec70c343d9aae7a0be4a26c7d0eb08e93a4d373dc7e114bf223eec08f494dec2b91e7bf630dde94781f96a972580a1bb97f6bc04147556cf5a6c6163a85

  • SSDEEP

    3072:DXG975JM8kUdxUSlS5Pj+yqu5/Zqay+R9ask0QcYb/5hhC1cmrpy6n9Nn:DWYCzcYb/5hhBmrpy6n9Nn

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

93.123.85.78:55

Targets

    • Target

      479a59d369b590829900787ec24f57c2.elf

    Score
    6/10
    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
