General

  • Target

    0faba175f8b037661975056bed631c15.bin

  • Size

    42KB

  • Sample

    241224-bc1exsxlhl

  • MD5

    b5aa8cb1a0016190a9863568db64fc3c

  • SHA1

    ab030a7f015b7bb58d70dbcc5b01b5bea01ec88d

  • SHA256

    f4f51061c4ab1bfd5bbdea22d1504f3df2d1ee72b3bbfe976e2410e9eac73f3b

  • SHA512

    024fa1f75f0cd4ee6f0637fbdaec795a863b3e40537c5ab37806bba20f0dfc89e4132f6ae1e6d10db25e7c3696d42aba93240e91c93c059de89a85371c7383d0

  • SSDEEP

    768:0EA0mHhyuXW98XTwa+yygmKAip4vJK3V0mUFG0AbtmNqMC2lnNmaU:2EuXEa+yyzKA24vJK3V/OdApmNHNRMaU

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

31.172.83.147:4258

Targets

    • Target

      3c8123a8a0ec8b8282782106dd5bc2279367732377813fa93d383dbedd5fc9f1.elf

    • Size

      111KB

    • MD5

      0faba175f8b037661975056bed631c15

    • SHA1

      668150ff8d38aeb805394a1169607facc7c79d4e

    • SHA256

      3c8123a8a0ec8b8282782106dd5bc2279367732377813fa93d383dbedd5fc9f1

    • SHA512

      a6657212b3fc60d8ae90cb37b4530a11be86e2f2910d404583f50c0433b66a9209e258536a2ec8f7dbc69fbcd6d05e18618b19c3b51fe3d705e1292c6bbce4c8

    • SSDEEP

      3072:DWmzrbF74jl5hU8tRreU4gQKdwwzF9GhsRiAe:DLzrJ8l5hU8t2KdwwzF9GhsRiAe

    Score
    6/10
    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
