Overview

overview

10

Static

static

10

9470b27d6b...70.elf

debian-12-armhf

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9470b27d6b7ab7b1b720f08494add3fbc2b5dd17b122eac19edd68dc5b6eca70.elf

  • Size

    177KB

  • Sample

    240702-b59jassala

  • MD5

    f9e877fdcc7ba67a11bdfa44668ebcd8

  • SHA1

    9055c9da491e5b6486955d4547440f64af071c08

  • SHA256

    9470b27d6b7ab7b1b720f08494add3fbc2b5dd17b122eac19edd68dc5b6eca70

  • SHA512

    e5eeb4e44c33aa230219591af5ac75703f0a89a9d3156be104dd3a179a772a747efd12bc2674e9634fa5bae8913d34ef084d0c2237a16de77698b2b8bca01f9d

  • SSDEEP

    3072:R5Y+fTvkbakDwp6sJX9DxcWIUSZ+LPnsAxVK7JJmUwwFB7SXNu:RlAbakDwp6UXdIx0LPnsAxVK7JJmUwwd

Score
10/10
gafgyt

Malware Config

Targets

    • Target

      9470b27d6b7ab7b1b720f08494add3fbc2b5dd17b122eac19edd68dc5b6eca70.elf

    • Size

      177KB

    • MD5

      f9e877fdcc7ba67a11bdfa44668ebcd8

    • SHA1

      9055c9da491e5b6486955d4547440f64af071c08

    • SHA256

      9470b27d6b7ab7b1b720f08494add3fbc2b5dd17b122eac19edd68dc5b6eca70

    • SHA512

      e5eeb4e44c33aa230219591af5ac75703f0a89a9d3156be104dd3a179a772a747efd12bc2674e9634fa5bae8913d34ef084d0c2237a16de77698b2b8bca01f9d

    • SSDEEP

      3072:R5Y+fTvkbakDwp6sJX9DxcWIUSZ+LPnsAxVK7JJmUwwFB7SXNu:RlAbakDwp6UXdIx0LPnsAxVK7JJmUwwd

    Score
    7/10

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

1
T1562

Credential Access

Discovery

System Network Configuration Discovery

2
T1016

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks