gafgyt | bd5162d1a7c6b6d14c8ccb38ebca32ddf009a31fb6809353e1c9e7e3cdd0aeab | Triage

Submit
Reports

Overview

overview

Static

static

edd53ea3d2...71cc19

linux_armhf

7

Sharing

General

Target

edd53ea3d2f49cec6290eb520b71cc19
Size

149KB
Sample

211205-t9ehtsfec6
MD5

edd53ea3d2f49cec6290eb520b71cc19
SHA1

9e0ef032bf87c15fbd9c11f5266d4a3dfff157b3
SHA256

bd5162d1a7c6b6d14c8ccb38ebca32ddf009a31fb6809353e1c9e7e3cdd0aeab
SHA512

2aec902e8241c3edcdac749d2eec3d124dc1e02320f5955cf064649230613db1b85558863253e21f39fc42ff61bbf82da334083debe9778b636fadeed3e13a35

Score

10^/10

gafgyt mirai linux

Static task

static1

Behavioral task

behavioral1

Sample

edd53ea3d2f49cec6290eb520b71cc19

Resource

debian9-armhf-en-20211025

linux_armhf

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  edd53ea3d2f49cec6290eb520b71cc19
- Size
  
  149KB
- MD5
  
  edd53ea3d2f49cec6290eb520b71cc19
- SHA1
  
  9e0ef032bf87c15fbd9c11f5266d4a3dfff157b3
- SHA256
  
  bd5162d1a7c6b6d14c8ccb38ebca32ddf009a31fb6809353e1c9e7e3cdd0aeab
- SHA512
  
  2aec902e8241c3edcdac749d2eec3d124dc1e02320f5955cf064649230613db1b85558863253e21f39fc42ff61bbf82da334083debe9778b636fadeed3e13a35
Score

7^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy