General

  • Target

    hidakibest.mpsl.elf

  • Size

    112KB

  • Sample

    240703-njtxyazfmc

  • MD5

    c163da13466c27b15b1ac19c5325cdff

  • SHA1

    cf88d5c8f78483a34348914fa41336cb33d7d91e

  • SHA256

    a65f39874aa58552f03fd3d505032eca1666f8ced144dfa532f2967028254f50

  • SHA512

    3238b69ab547c9742f59ebbafd68753def5dd4a15c725faaee5342987c05232532d2653c0c870bc59b2f68ea541c9e92298dea605934b6c6d3335d415e99bb9a

  • SSDEEP

    3072:7rfMt6MUEproqF5hY1zVKdwwzF9GhsRiAe:3vMzproqF5hYNVKdwwzF9GhsRiAe

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

194.233.78.47:4258

Targets

    • Target

      hidakibest.mpsl.elf

    Score
    6/10
    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
