gafgyt | 2b97b9eb3d9959784468b2352e998c87538e490892296944c707f904e13cbcd8 | Triage

Submit
Reports

Overview

overview

Static

static

2b97b9eb3d...3cbcd8

linux_amd64

7

Sharing

General

Target

2b97b9eb3d9959784468b2352e998c87538e490892296944c707f904e13cbcd8
Size

159KB
Sample

220615-b3ek5sbbf7
MD5

aa3af97d5267678c5f69f7fbdcfa44a4
SHA1

2b0689d4db25b934272ef69c26907cace12afb4d
SHA256

2b97b9eb3d9959784468b2352e998c87538e490892296944c707f904e13cbcd8
SHA512

1590781abfd425434109424ed4e59c59834407c5058eb8d4c0b5c2d680bb32f55238b5a02b4c38d0efd4dbc0fefd61a61ecae32937f9078762d7719791e70d8c

Score

10^/10

gafgyt linux

Static task

static1

Behavioral task

behavioral1

Sample

2b97b9eb3d9959784468b2352e998c87538e490892296944c707f904e13cbcd8

Resource

ubuntu1804-amd64-en-20211208

linux_amd64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  2b97b9eb3d9959784468b2352e998c87538e490892296944c707f904e13cbcd8
- Size
  
  159KB
- MD5
  
  aa3af97d5267678c5f69f7fbdcfa44a4
- SHA1
  
  2b0689d4db25b934272ef69c26907cace12afb4d
- SHA256
  
  2b97b9eb3d9959784468b2352e998c87538e490892296944c707f904e13cbcd8
- SHA512
  
  1590781abfd425434109424ed4e59c59834407c5058eb8d4c0b5c2d680bb32f55238b5a02b4c38d0efd4dbc0fefd61a61ecae32937f9078762d7719791e70d8c
Score

7^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy