gafgyt | 3de402d1cfdb304a7d38df836bdde6cb8e3150325aef09ee046d6b10a4cfbc12 | Triage

Submit
Reports

Overview

overview

Static

static

3de402d1cf...cfbc12

linux_amd64

9

Sharing

General

Target

3de402d1cfdb304a7d38df836bdde6cb8e3150325aef09ee046d6b10a4cfbc12
Size

111KB
Sample

220701-ref23ahab4
MD5

80b91ff2e0955808aa55478ec6e21ed5
SHA1

ee64e55db9eb0060d83824412d549f3e99547967
SHA256

3de402d1cfdb304a7d38df836bdde6cb8e3150325aef09ee046d6b10a4cfbc12
SHA512

fee335c315c1b968115feb09ecb71521fe0380a933c9f5153e6b5e3d75e841ad715cd4963e933b5edecb3bdb4777790205973ecd363c5d0ecf0e34443f10cb54

Score

10^/10

gafgyt mirai mirai_x86corona discovery linux

Static task

static1

gafgyt mirai mirai_x86corona

Behavioral task

behavioral1

Sample

3de402d1cfdb304a7d38df836bdde6cb8e3150325aef09ee046d6b10a4cfbc12

Resource

ubuntu1804-amd64-en-20211208

linux_amd64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  3de402d1cfdb304a7d38df836bdde6cb8e3150325aef09ee046d6b10a4cfbc12
- Size
  
  111KB
- MD5
  
  80b91ff2e0955808aa55478ec6e21ed5
- SHA1
  
  ee64e55db9eb0060d83824412d549f3e99547967
- SHA256
  
  3de402d1cfdb304a7d38df836bdde6cb8e3150325aef09ee046d6b10a4cfbc12
- SHA512
  
  fee335c315c1b968115feb09ecb71521fe0380a933c9f5153e6b5e3d75e841ad715cd4963e933b5edecb3bdb4777790205973ecd363c5d0ecf0e34443f10cb54
Score

9^/10

discovery
- Contacts a large (187774) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

gafgytmiraimirai_x86corona

behavioral1

© 2018-2025

Terms | Privacy