Overview

overview

10

Static

static

10

yakuza3.i586.elf

ubuntu-24.04-amd64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    yakuza3.i586.elf

  • Size

    85KB

  • Sample

    241110-wxlgqasbnr

  • MD5

    3ca0dcad18d526519b37bead6d55bc30

  • SHA1

    7ce84cc80e78afcde88800ef575c2a5a0e3dcc68

  • SHA256

    c8feb9578cb8acdc4ed1193da603998b5e7292b5b0d51ef365a01381709f7e2b

  • SHA512

    2394b48bc5fdbf3c3b4920a59d80217e98a787b20e562a8d068af13255d2740e557b4ba6ebfc4b5838522cd2b5db0c6b9a51ef44126950eac88d358049e92717

  • SSDEEP

    1536:T4bEkXUgMcRUz1OfbIYpIOvXceEQ9E3+MKA3C5hC+4+7she0QzUzJYQ2Wk:MbTUg5UBOjINOvseE6E31W5hCk7Ue0Ql

Score
10/10
gafgytlinuxrootkit

Malware Config

Extracted

Family

gafgyt

C2

74.48.66.83:23

Targets

    • Target

      yakuza3.i586.elf

    • Size

      85KB

    • MD5

      3ca0dcad18d526519b37bead6d55bc30

    • SHA1

      7ce84cc80e78afcde88800ef575c2a5a0e3dcc68

    • SHA256

      c8feb9578cb8acdc4ed1193da603998b5e7292b5b0d51ef365a01381709f7e2b

    • SHA512

      2394b48bc5fdbf3c3b4920a59d80217e98a787b20e562a8d068af13255d2740e557b4ba6ebfc4b5838522cd2b5db0c6b9a51ef44126950eac88d358049e92717

    • SSDEEP

      1536:T4bEkXUgMcRUz1OfbIYpIOvXceEQ9E3+MKA3C5hC+4+7she0QzUzJYQ2Wk:MbTUg5UBOjINOvseE6E31W5hCk7Ue0Ql

    Score
    7/10
    rootkit

    • Loads a kernel module

      Loads a Linux kernel module, potentially to achieve persistence

      rootkit
    behavioral1

MITRE ATT&CK Matrix

Tasks