Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

b392483d5c...b1.elf

ubuntu-22.04-amd64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b392483d5c55d8618b8a921306a08eb1.elf

  • Size

    93KB

  • Sample

    240727-bl9d7azfqd

  • MD5

    b392483d5c55d8618b8a921306a08eb1

  • SHA1

    c4f582f62197b0046b15031b01d2d0164359c7b2

  • SHA256

    6d011b0cebea4188de630dad5a6fa8bdc61a3784b0958a07617eb6b94354e567

  • SHA512

    57be539f25d1bbb12bbbff2544fb370ebbd1ca58ce7c86b5ef39ac0488c1cda48c0f0dabd14a9d91b1350b5eb2ce2b38fb232d771d08483abfa1208214b15a8d

  • SSDEEP

    1536:dgGN1+S0EUf0S7iOxChSm6V1BToFGHGI9WzmaXY0KGrHisZi0Oz/LBDQHRP:eG+SLUcSmgCh16LBTo4HwbI0iYi0Oz/K

Score
10/10
gafgytevasionlinux

Malware Config

Extracted

Family

gafgyt

C2

94.154.172.62:23

Targets

    • Target

      b392483d5c55d8618b8a921306a08eb1.elf

    • Size

      93KB

    • MD5

      b392483d5c55d8618b8a921306a08eb1

    • SHA1

      c4f582f62197b0046b15031b01d2d0164359c7b2

    • SHA256

      6d011b0cebea4188de630dad5a6fa8bdc61a3784b0958a07617eb6b94354e567

    • SHA512

      57be539f25d1bbb12bbbff2544fb370ebbd1ca58ce7c86b5ef39ac0488c1cda48c0f0dabd14a9d91b1350b5eb2ce2b38fb232d771d08483abfa1208214b15a8d

    • SSDEEP

      1536:dgGN1+S0EUf0S7iOxChSm6V1BToFGHGI9WzmaXY0KGrHisZi0Oz/LBDQHRP:eG+SLUcSmgCh16LBTo4HwbI0iYi0Oz/K

    Score
    7/10
    evasion

    • Deletes journal logs

      Deletes systemd journal logs. Likely to evade detection.

      evasion

    • Writes DNS configuration

      Writes data to DNS resolver config file.

    • Deletes log files

      Deletes log files on the system.

    • Enumerates running processes

      Discovers information about currently running processes on the system

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks