General
-
Target
hidakibest.arm5.elf
-
Size
150KB
-
Sample
240702-e5d9yawbqg
-
MD5
f0511c0d8ef197bf22ed351483bb923e
-
SHA1
8a20b2b71e018303e9a9646f5d9de9fadbd96fc3
-
SHA256
59adeec319e6a5c22779aab7a43028f3580aee46d1e47472f78649cf886cb234
-
SHA512
5d19a433f94a29ed4d1157c85e4180249655bc54de2f456b048902a3e0d77f294871cea6a4f37acb46639e9ef4a62e94a3ec5b2815b9cf8df7fc4bf815a0ee54
-
SSDEEP
3072:Tdbmn8aAEHqgSkano1DTAH5hWTGU2WV7lxXmpwTsL/QMyn:he8aAEHKkdDTS5hWTGU2WV7ldmpwTsLS
Behavioral task
behavioral1
Sample
hidakibest.arm5.elf
Resource
debian12-armhf-20240418-en
Malware Config
Extracted
gafgyt
45.93.200.174:4258
Targets
-
-
Target
hidakibest.arm5.elf
-
Size
150KB
-
MD5
f0511c0d8ef197bf22ed351483bb923e
-
SHA1
8a20b2b71e018303e9a9646f5d9de9fadbd96fc3
-
SHA256
59adeec319e6a5c22779aab7a43028f3580aee46d1e47472f78649cf886cb234
-
SHA512
5d19a433f94a29ed4d1157c85e4180249655bc54de2f456b048902a3e0d77f294871cea6a4f37acb46639e9ef4a62e94a3ec5b2815b9cf8df7fc4bf815a0ee54
-
SSDEEP
3072:Tdbmn8aAEHqgSkano1DTAH5hWTGU2WV7lxXmpwTsL/QMyn:he8aAEHKkdDTS5hWTGU2WV7ldmpwTsLS
Score6/10-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-