General

  • Target

    fd0b10b636f99ee5e527b266d917c41d33230ad6bf600454e10b3e106db1031c.elf

  • Size

    156KB

  • Sample

    241224-grnbsssnap

  • MD5

    afcb3a143b9f4e3a985c3eeb2e2ae4c8

  • SHA1

    295f0e0380f71feb1c8911e29882db6a792bbd58

  • SHA256

    fd0b10b636f99ee5e527b266d917c41d33230ad6bf600454e10b3e106db1031c

  • SHA512

    b6124a40e8a5e7ff49df9b11e3b5097ac9e81b76c6146d902600f50de431e535136d22d63a34736b3fc53121ad0fa2d6b00af18b1ce834997c94c8eb288f5b08

  • SSDEEP

    3072:JUfEWrumk62lVpRt1T1LP2hphahpvnNjn3+AVmedhVdQMUmBT38dAY4:mQ2hphabVjPd9UmBT38dAY4

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

154.213.186.115:4444

Targets

    • Target

      fd0b10b636f99ee5e527b266d917c41d33230ad6bf600454e10b3e106db1031c.elf

    Score
    6/10
    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
