General

  • Target

    sshd.elf

  • Size

    170KB

  • Sample

    241111-r21d8atmen

  • MD5

    fd39dae5a09f57762f4019672e3fd3fb

  • SHA1

    5ef0451c1edf6fd8257b254289bf8a5d74fe19c7

  • SHA256

    d485508087f98610ad07803257ca0e84a3994c3af1ca841d919bc7782c6cca70

  • SHA512

    0c0385a9e9fa58e1702a0428e3b58eea9135d625bdc745453f46fb836b00e173cdeaa2e47bc212b35fc99e2b576885e1c37ae1cd2eb15a0cf63fcd2b8be6af82

  • SSDEEP

    3072:C0yc4bV4mwFN7BmetJ8add9QzhsVchOHsqdfi+KqLwZi+LUk:C0yc4bVOFd0etJ8addQMRTdfi+KqLwUO

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

93.123.85.201:23

Targets

    • Target

      sshd.elf

    Score
    6/10

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
