General

  • Target

    a-r.m-5.Sakura.elf

  • Size

    98KB

  • Sample

    250218-xzgrzswqbl

  • MD5

    01f5fbf7985ae482564d90cd963281b0

  • SHA1

    40c1567b032263169c34a651f836259692d231b8

  • SHA256

    79f997a3f15c7c213a8e75f541ae238dc0ca97bb9001ecf161b6f8f0ae4ab441

  • SHA512

    4e5432bb3163e85d5091e19b515ca8ccfe4390e0990791106b7c0b18307191473695b382c77486399e5fcb62039edd6f84c10eb3e99151a96651fa5b94ad6755

  • SSDEEP

    3072:1Sd+e6mKaGP0NSD3PpShtKmZuqQ4DPwXXtse:C6mxGP0SD3PiKmZuqQ4DPwXXtse

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

205.185.115.242:12345

Targets

    • Target

      a-r.m-5.Sakura.elf

    Score
    6/10

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
