General

  • Target

    m-i.p-s.ISIS.elf

  • Size

    131KB

  • Sample

    241113-pabwfasanp

  • MD5

    9ac817bdf5192fbc64b39eb072a257b0

  • SHA1

    43943d83e526906f0f9b455656ca7575586e9dac

  • SHA256

    4478f6be2fa3dac7bdd17c60c8187aa120d25966d8ac0901de13a1e182467aa1

  • SHA512

    2156b485118e8014da33f56518bdcf4ac185476f754200b7af45a23144b9a01d68e9ff3f43f8bb257c1442c8f0d742497564278c7599f076be01e252132ba274

  • SSDEEP

    3072:jGTyrDxJWwAfr9f3yJddxUEJmTDmjOrWcpu3NJFARtRVJhGvaZqhZYiDhB/ZZ9Ba:C+nZSZwnJeUmkASFxBKvXZX

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

185.78.76.132:839

Targets

    • Target

      m-i.p-s.ISIS.elf

    • Size

      131KB

    • MD5

      9ac817bdf5192fbc64b39eb072a257b0

    • SHA1

      43943d83e526906f0f9b455656ca7575586e9dac

    • SHA256

      4478f6be2fa3dac7bdd17c60c8187aa120d25966d8ac0901de13a1e182467aa1

    • SHA512

      2156b485118e8014da33f56518bdcf4ac185476f754200b7af45a23144b9a01d68e9ff3f43f8bb257c1442c8f0d742497564278c7599f076be01e252132ba274

    • SSDEEP

      3072:jGTyrDxJWwAfr9f3yJddxUEJmTDmjOrWcpu3NJFARtRVJhGvaZqhZYiDhB/ZZ9Ba:C+nZSZwnJeUmkASFxBKvXZX

    Score
    6/10
    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

MITRE ATT&CK Enterprise v15

Tasks