General

  • Target

    armv7l.elf

  • Size

    156KB

  • Sample

    241216-nk2deaylax

  • MD5

    3b164c33944b75079b4d6af3ccef7274

  • SHA1

    6a5d87db3aca3c9c83eea139651ff2e7f33cd81d

  • SHA256

    83a9cbef3561ddf0e9305e92883c9abd444b713992abe9f1210ac5fd99d65299

  • SHA512

    f6177b787a6859364a1f4a57eecf4d7942dc8a311c072ee4881a042c63a788c3a30f473df4dacb7ab74e69294ade1aa42bf4208e4ff473ef1257b4f5aa34bda5

  • SSDEEP

    3072:f1g2iIFdVzqKA7Y6ISag0/RwqnyLRM/9lzNmFwfBxKQodn:tg2VFdVzBA7fISanKqnydM/9/mFwfBxE

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

150.241.95.250:25565

Targets

    • Target

      armv7l.elf

    Score
    6/10
    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
