gafgyt | 5852defe23d05e2d5915572a137dbeeb51fecbf1782596f04db1c836462b0a2a | Triage

Submit
Reports

Overview

overview

Static

static

5852defe23...2b0a2a

ubuntu-18.04-amd64

9

Sharing

General

Target

5852defe23d05e2d5915572a137dbeeb51fecbf1782596f04db1c836462b0a2a
Size

123KB
Sample

220724-szjt5ahcbp
MD5

ca0e79f2084ef3600ffb526d47b47c96
SHA1

44f35466183f1f1d6ba544d7d19e80cbffccc210
SHA256

5852defe23d05e2d5915572a137dbeeb51fecbf1782596f04db1c836462b0a2a
SHA512

95033eead386fa9297dbf5bee4de7ef5714891fd323c34fe3ee217e3035c6ca5f156154cbd64fd513deea9b323d4579e43080d0d319ff82d5584a5fdc384b65c

Score

10^/10

gafgyt mirai mirai_x86corona discovery

Static task

static1

gafgyt mirai mirai_x86corona

6 signatures

Behavioral task

behavioral1

Sample

5852defe23d05e2d5915572a137dbeeb51fecbf1782596f04db1c836462b0a2a

Resource

ubuntu1804-amd64-en-20211208

ubuntu-18.04-amd64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  5852defe23d05e2d5915572a137dbeeb51fecbf1782596f04db1c836462b0a2a
- Size
  
  123KB
- MD5
  
  ca0e79f2084ef3600ffb526d47b47c96
- SHA1
  
  44f35466183f1f1d6ba544d7d19e80cbffccc210
- SHA256
  
  5852defe23d05e2d5915572a137dbeeb51fecbf1782596f04db1c836462b0a2a
- SHA512
  
  95033eead386fa9297dbf5bee4de7ef5714891fd323c34fe3ee217e3035c6ca5f156154cbd64fd513deea9b323d4579e43080d0d319ff82d5584a5fdc384b65c
Score

9^/10

discovery
- Contacts a large (189601) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

gafgytmiraimirai_x86corona

behavioral1

© 2018-2024

Terms | Privacy