General

  • Target

    hidakibest.arm6.elf

  • Size

    150KB

  • Sample

    240701-e2h4qawekc

  • MD5

    b4f5de5f59a9786c78cf6a3fca88da5b

  • SHA1

    4255755e8164286d45a7f51a88b94088ec68b4d7

  • SHA256

    50906b762464c48736b15b6966afa4f9c64613818bc0436607ed49e68057f47c

  • SHA512

    5ca7f4336ad61468f5b57387733209f5eb850915313946d3e26711b79d30b84b459e1922749c738119cb4a19a4b44976f78de5074d8ac486ce1ad34c2b9f254c

  • SSDEEP

    3072:Tdbmn8aAEHqgSkano1DTAT5hWTGZWYxVlxXmpwTsL/QMyn:he8aAEHKkdDT65hWTGZWYxVldmpwTsLS

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

37.156.29.141:4258

Targets

    • Target

      hidakibest.arm6.elf

    Score
    6/10
    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
