General

  • Target

    a-r.m-6.SNOOPY.elf

  • Size

    108KB

  • Sample

    250311-h83y9axsc1

  • MD5

    e7748189201994e7b6024eafd747e4d2

  • SHA1

    d78148781e6fe3b3b1a371eecaeadbfa58407ddc

  • SHA256

    263f1b3b46782a3ccc4b016ff6697e7b6efcd044ee6218c77881cf98206003a2

  • SHA512

    ded3aa06d6c9873561293fd8978c1142aabf3794aa4610b72a68d338c7f06047cf64519254965e74c8b8426e6128a81331f5a66b504913cadfe689228640487f

  • SSDEEP

    3072:b6an17WtsWhdgYJF0D6mbPbmTQOWsXAOn:Wan17WPJF0D6ibmTQOWCAOn

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

154.127.56.114:23

Targets

    • Target

      a-r.m-6.SNOOPY.elf

    Score
    6/10
    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
