gafgyt | 3f2b3d3b4ff3c177affbd175fcb7e7e244f7249ee4f91997521483af2c173576 | Triage

Submit
Reports

Overview

overview

Static

static

3f2b3d3b4f...173576

linux_mipsel

9

Sharing

General

Target

3f2b3d3b4ff3c177affbd175fcb7e7e244f7249ee4f91997521483af2c173576
Size

161KB
Sample

220521-qchbnshbh3
MD5

39f476992589281f6b5a5a8cde2013b3
SHA1

1a73499d15d689023c30859c1d68acc7fc19f14f
SHA256

3f2b3d3b4ff3c177affbd175fcb7e7e244f7249ee4f91997521483af2c173576
SHA512

4ab8286c47815a3a10858bd0b2794329c9fba5b4d97f698f9c458d2c6296808db87254bca37faca8b1ce14f862fdf655e62370f88a1d1ef198441e4a8d7f320a

Score

10^/10

gafgyt mirai discovery linux

Static task

static1

Behavioral task

behavioral1

Sample

3f2b3d3b4ff3c177affbd175fcb7e7e244f7249ee4f91997521483af2c173576

Resource

debian9-mipsel-en-20211208

linux_mipsel

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  3f2b3d3b4ff3c177affbd175fcb7e7e244f7249ee4f91997521483af2c173576
- Size
  
  161KB
- MD5
  
  39f476992589281f6b5a5a8cde2013b3
- SHA1
  
  1a73499d15d689023c30859c1d68acc7fc19f14f
- SHA256
  
  3f2b3d3b4ff3c177affbd175fcb7e7e244f7249ee4f91997521483af2c173576
- SHA512
  
  4ab8286c47815a3a10858bd0b2794329c9fba5b4d97f698f9c458d2c6296808db87254bca37faca8b1ce14f862fdf655e62370f88a1d1ef198441e4a8d7f320a
Score

9^/10

discovery
- Contacts a large (19041) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies the Watchdog daemon
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
- Reads runtime system information
  Reads data from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Scanning

System Network Configuration Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy