General

  • Target

    qqyt33.i586.elf

  • Size

    89KB

  • Sample

    240528-knqjjaea86

  • MD5

    f93ec1d5e3aba4a238a062638628094e

  • SHA1

    8c509d166f1e7ffb6bbbe7aa0b414c23cefc816f

  • SHA256

    afb90bfc1a6664682a57c4d5e77ab8f38f50e50db631214c6a6a581dd473bcd2

  • SHA512

    e7edb2af8b956a33328dbf68cbeabea107437d4da6bbd58ba8eb5ac8bfe010daf40c0affaa573b5459979e682145bc01d3889ffbe075ffdd53d0e16bb70408e8

  • SSDEEP

    1536:ZxfCQUQm1BFojRajZYm2jZIqK9XUnT5MHDG+mO5hHllCI9zmQ0AlV6ESYrr9:ZxfBUQm1v9jWjZ69kGHDG+mO5hHl0mzt

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

80.253.246.4:777

Targets

    • Target

      qqyt33.i586.elf

    Score
    6/10
    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
