Malware Analysis Report

2024-11-15 05:04

Sample ID: 240527-htsvqscg26
Target: ca4b1ae481fa3903228f9ece7122b4d4.elf
SHA256: 3887ae8f8555c54cf15167fdf16e314ab35db2093364d9757525ce51f454d802
Tags: gafgyt
Score: 10/10

Analysis Overview

Threat Level: Known bad

The file ca4b1ae481fa3903228f9ece7122b4d4.elf was found to be: Known bad.

Malicious Activity Summary

gafgyt

Detected Gafgyt variant

Gafgyt family

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported: 2024-05-27 07:02

Signatures

Detected Gafgyt variant

Description Indicator Process Target
N/A N/A N/A N/A

Gafgyt family

gafgyt

Analysis: behavioral1

Detonation Overview

Submitted: 2024-05-27 07:02
Reported: 2024-05-27 07:04
Platform: ubuntu2204-amd64-20240522.1-en
Max time network: 151s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
MD 176.123.4.187:666 tcp
N/A 224.0.0.251:5353 udp
US 162.244.55.217:14115 udp
US 162.244.55.217:9015 udp
US 162.244.55.217:16724 udp
US 162.244.55.217:19539 udp
US 162.244.55.217:18519 udp
US 162.244.55.217:22359 udp
US 162.244.55.217:21581 udp
US 162.244.55.217:17240 udp

Files

N/A