Overview

overview

10

Static

static

10

x-3.2-.ISIS.elf

ubuntu-24.04-amd64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    x-3.2-.ISIS.elf

  • Size

    84KB

  • Sample

    250410-k3fymsxses

  • MD5

    585945c5fdc62f1ae111815936ee69cf

  • SHA1

    77aaae65a749cf6c5d3d3c51c88dfcb7eb311970

  • SHA256

    585af71cafd52836796d3285345090c5f9e806983070b033292816626fb843b7

  • SHA512

    851b19c05471c05742516681550c9bade5345033c42ddef2155f01e4dedc6571387cdda83093eb73fcada3983e80894bd2263a527d8aa61558b42343ee4a1640

  • SSDEEP

    1536:sQmab6bXPm8VjWWHT0im5t3ItTShKW6GLdUF5MI5AtpgwPUOGHfV+mLI2VOYjXUd:Oab6bXPm8VjWWHT0B5t4tcnBUF5MI5d4

Score
10/10
gafgytlinuxrootkit

Malware Config

Extracted

Family

gafgyt

C2

176.65.143.222:839

Targets

    • Target

      x-3.2-.ISIS.elf

    • Size

      84KB

    • MD5

      585945c5fdc62f1ae111815936ee69cf

    • SHA1

      77aaae65a749cf6c5d3d3c51c88dfcb7eb311970

    • SHA256

      585af71cafd52836796d3285345090c5f9e806983070b033292816626fb843b7

    • SHA512

      851b19c05471c05742516681550c9bade5345033c42ddef2155f01e4dedc6571387cdda83093eb73fcada3983e80894bd2263a527d8aa61558b42343ee4a1640

    • SSDEEP

      1536:sQmab6bXPm8VjWWHT0im5t3ItTShKW6GLdUF5MI5AtpgwPUOGHfV+mLI2VOYjXUd:Oab6bXPm8VjWWHT0B5t4tcnBUF5MI5d4

    Score
    7/10
    rootkit

    • Loads a kernel module

      Loads a Linux kernel module, potentially to achieve persistence

      rootkit
    behavioral1

MITRE ATT&CK Matrix

Tasks