Overview

overview

10

Static

static

10

rebirth.mips.elf

debian-9-mips

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    rebirth.mips.elf

  • Size

    136KB

  • Sample

    241230-bnzyjasqft

  • MD5

    234c5311320c240ccbe1a35e5a04154a

  • SHA1

    ec2b491526c556265889aeb0b40f876c0e800c01

  • SHA256

    d30bc71e2cac4197133475e93a6c11157a3dcef3cc4f80bdc36aeb5bb9957e3f

  • SHA512

    ee0febb99d6f118bacf19f9261122f43e3372a595a33ffdbe5dcc7b07d9068a363febd15895146521683b48cb8ccb016197de3a7d9c3a8b6dbf840910b2fb76a

  • SSDEEP

    1536:DHfGlkuMau3GanIg2rK/c6U1J8iEHLfPti2dSImNEz7ugf7hoWlNDsKrj4hs29NA:Kx+/PtiJn8ugN9s4XoVmCBgAYiCh

Score
10/10
gafgytdiscovery

Malware Config

Extracted

Family

gafgyt

C2

23.95.72.235:666

Targets

    • Target

      rebirth.mips.elf

    • Size

      136KB

    • MD5

      234c5311320c240ccbe1a35e5a04154a

    • SHA1

      ec2b491526c556265889aeb0b40f876c0e800c01

    • SHA256

      d30bc71e2cac4197133475e93a6c11157a3dcef3cc4f80bdc36aeb5bb9957e3f

    • SHA512

      ee0febb99d6f118bacf19f9261122f43e3372a595a33ffdbe5dcc7b07d9068a363febd15895146521683b48cb8ccb016197de3a7d9c3a8b6dbf840910b2fb76a

    • SSDEEP

      1536:DHfGlkuMau3GanIg2rK/c6U1J8iEHLfPti2dSImNEz7ugf7hoWlNDsKrj4hs29NA:Kx+/PtiJn8ugN9s4XoVmCBgAYiCh

    Score
    6/10
    discovery

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

      discovery
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks