General

  • Target

    496008494efa67cae910a5ec2d41f2cf90ce032b32a038ba765aa246479d7ee6.elf

  • Size

    123KB

  • Sample

    241116-hgykfssall

  • MD5

    401073850eb2eeff1d76b5503d012261

  • SHA1

    d852353bcf1b6b0365d66920aaef58ea2b39088a

  • SHA256

    496008494efa67cae910a5ec2d41f2cf90ce032b32a038ba765aa246479d7ee6

  • SHA512

    a99f3759465d47b710294893ea16c07af6a492d8092c65acbd067ce92698addcc569045947487255c8f14b4ce03081acb9ed30c189a48287aa5185117e9bbfa4

  • SSDEEP

    1536:/UHeTxCAms/Y8Zm3lKYA43gMJwSkJ8EpP+DzUh8rmW+IFB1Df11hR/:/UyLqAmgMJM8E5+Dw8rmW+IFB1Dt1hR/

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

31.172.87.139:12345

Targets

    • Target

      496008494efa67cae910a5ec2d41f2cf90ce032b32a038ba765aa246479d7ee6.elf

    Score
    6/10
    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
