General

  • Target

    399d3cb161c65b7cfa1412af587747ad.bin

  • Size

    41KB

  • Sample

    241110-bg1lgswena

  • MD5

    3b798b8bf05a02b679107ed1f2ea4b4a

  • SHA1

    43080ca9ef2e6522b70159017955da931c336de7

  • SHA256

    f07ddde010a12506a1d65955ed7418b78eeb6bd2bdc16d1af8092695ca7b7eba

  • SHA512

    b38c3c4ddc0391a98ad9f92a1c81372a6cc3cff0f63e202f6b01661f5f9e7413f52a335c20f41d920a506444fb5f9630640e7cf8db79fb57dcb9af40391031f1

  • SSDEEP

    768:uNXWmNgl+3XAOFcJSjA66SL6fb8L/2jW4uD8Lr1bMa2HVaEjX4C7Bd:uNXzNTQOKJMb6Dg/5KXaa21Tj7Bd

Score
10/10

Malware Config

Extracted

  • Family

    gafgyt

  • C2

    87.120.114.132:606

Targets

    • Target

      8e2e884b726ea504bc89b51167c585bc407881927d9484205a576cd3809735eb.elf

    • Size

      98KB

    • MD5

      399d3cb161c65b7cfa1412af587747ad

    • SHA1

      d668bfa88b912ffb652e8f90609d65639a08be67

    • SHA256

      8e2e884b726ea504bc89b51167c585bc407881927d9484205a576cd3809735eb

    • SHA512

      ac69aa3cc9cd91e470a51311dae73a69c4d572044dec62d084d9b91f787970337b716fc2a9fd99698ab98812dda8b9659f788552e2beaef53350a4637a946c62

    • SSDEEP

      3072:VSx+i6mqaObhNqnPNKV+qKmZuqQ4DPwXXtse:y6mRObnqnP7qKmZuqQ4DPwXXtse

    • Score

      6/10

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
