General

  • Target

    1aeb2935aec67978bfdab8243470b577.bin

  • Size

    57KB

  • Sample

    241225-bc995asnft

  • MD5

    ee9d2c0324a7312080e5255ff7b9f818

  • SHA1

    32f904731b4051deabe157ebaaa1c6c8d8cb18ce

  • SHA256

    8c8c04ec1ec8cf4cdc5b3252a41d545041124549bc5fd8c241cff01a136cc5d2

  • SHA512

    e979dc48d21051b6c5084f3f8bf67c9d105a31e230551b2ddbd44c336bed7118a9469fa7b11c15c904a6b54604e15c791f10a717f2d780486e44a504d0573923

  • SSDEEP

    1536:Cgjt21xm2gdjxTiwKACW9lMhHKBQxcYDAD:CgjtkYAfEQH2TYcD

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

154.213.186.115:4444

Targets

    • Target

      936937cb11ad426210af65f850f4afee5713e324ad703a12d0b5f687ea84cf57.elf

    • Size

      139KB

    • MD5

      1aeb2935aec67978bfdab8243470b577

    • SHA1

      b26b260d86609e9c758279c59eb8caec53fd0f69

    • SHA256

      936937cb11ad426210af65f850f4afee5713e324ad703a12d0b5f687ea84cf57

    • SHA512

      3843063e037212bc1a60b67a69407cb466ee67d6d9935018f7fcebe5536c4be078cc797865cdfafd2f9073cec8c6425546089aee641d3788b61f4238a15748ce

    • SSDEEP

      3072:y0qt4/xuMMipV3SwwaY5zjO5hSJylb0mJswdytNr9:yWtD3wjO5hLCmJswdytNr9

    Score
    6/10
    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
