Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

m-p.s-l.Sakura.elf

debian-12-mipsel

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    m-p.s-l.Sakura.elf

  • Size

    123KB

  • Sample

    250218-x6fs9sxkfn

  • MD5

    301abf86c75d3c8e4bf26d4c0ea8aafa

  • SHA1

    0e60857bf7d0a8d5eddd850042682b14aec03017

  • SHA256

    5ab6f4941c390d0c882f0ea0572c94282b6c7262ae288928d4a7461e1f87a5f2

  • SHA512

    9ecdfe31bc874ee7ce5c3e02844d5660d6420b4478a4ed08fbf478ffb07b6b27a9aebff57682fd10219227f9516c0c18d59f22297ec848e854e79aa4fcc5c7fa

  • SSDEEP

    1536:/UHeTxCAms/Y8Zm3lKYA43gMJwSkJ8Epv+DzUh8rmW+IFB1Df11hR/:/UyLqAmgMJM8Ex+Dw8rmW+IFB1Dt1hR/

Score
10/10
gafgytdiscovery

Malware Config

Extracted

Family

gafgyt

C2

87.251.79.180:12345

Targets

    • Target

      m-p.s-l.Sakura.elf

    • Size

      123KB

    • MD5

      301abf86c75d3c8e4bf26d4c0ea8aafa

    • SHA1

      0e60857bf7d0a8d5eddd850042682b14aec03017

    • SHA256

      5ab6f4941c390d0c882f0ea0572c94282b6c7262ae288928d4a7461e1f87a5f2

    • SHA512

      9ecdfe31bc874ee7ce5c3e02844d5660d6420b4478a4ed08fbf478ffb07b6b27a9aebff57682fd10219227f9516c0c18d59f22297ec848e854e79aa4fcc5c7fa

    • SSDEEP

      1536:/UHeTxCAms/Y8Zm3lKYA43gMJwSkJ8Epv+DzUh8rmW+IFB1Df11hR/:/UyLqAmgMJM8Ex+Dw8rmW+IFB1Dt1hR/

    Score
    6/10
    discovery

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

      discovery
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks