General

  • Target

    076b484f49cba4b6beee1c536b0e9cf0f0e942164ee6200123f29f87cebac781.elf

  • Size

    111KB

  • Sample

    240704-bd4hzaxelc

  • MD5

    bbcabbdbe477a358f414a7e732fb94b1

  • SHA1

    658d83bcfca43ad03ae62f268d4f60bb919f6ec8

  • SHA256

    076b484f49cba4b6beee1c536b0e9cf0f0e942164ee6200123f29f87cebac781

  • SHA512

    9960db4141aa36658d1c627c6da4d1553ee16a6952cbff3d87fbba86791e2266fd10cd02a6b9b8efc9663f70ade05cabd21df0bf6abf6a77895e8a86ce073fc1

  • SSDEEP

    3072:DWmzrbF74j25hU8tRreU4gQKdwwzF9GhsRiAe:DLzrJ825hU8t2KdwwzF9GhsRiAe

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

194.233.78.47:4258

Targets

    • Target

      076b484f49cba4b6beee1c536b0e9cf0f0e942164ee6200123f29f87cebac781.elf

    Score
    6/10
    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
