General

  • Target

    9286efc83deb54efc43a7f721ae40fc910f76bffd4053839d99c1ad569297c95.elf

  • Size

    139KB

  • Sample

    240703-crwwqasdne

  • MD5

    a27f80b4d4d2a44105180b56e866cb31

  • SHA1

    a6e4f1103b482ed00d4263b84c6f0e8caac5a245

  • SHA256

    9286efc83deb54efc43a7f721ae40fc910f76bffd4053839d99c1ad569297c95

  • SHA512

    66445f6f5fcbf552bc4c5406fcdde18ad92e18fbe19b544018d4e0ea3863f373ecb0b216fcf6c464e6b21e6700e6aaddb2790dc11bdcc1d79823f7603e80b0ae

  • SSDEEP

    3072:yclx0/BSAMipV3SwwaY5zjP5h6Naqb0mJswdytNr9:y3tD3wjP5hv7mJswdytNr9

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

195.85.205.47:777

Targets

    • Target

      9286efc83deb54efc43a7f721ae40fc910f76bffd4053839d99c1ad569297c95.elf

    Score
    6/10
    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
