gafgyt | 57e247f8a4943743baadfda8d91afb386f1fb998bd7df21747345eb2ed00205e | Triage

Submit
Reports

Overview

overview

Static

static

57e247f8a4...00205e

ubuntu-18.04-amd64

9

Sharing

General

Target

57e247f8a4943743baadfda8d91afb386f1fb998bd7df21747345eb2ed00205e
Size

111KB
Sample

220724-v82gmsdahq
MD5

0e669218b0b49a70e967db17fd6c92e8
SHA1

d006f91fbaa93ac0c7f55e2fcd1ea96e8f4fa032
SHA256

57e247f8a4943743baadfda8d91afb386f1fb998bd7df21747345eb2ed00205e
SHA512

c07ae13eb08c554d4955791a7c89fa82a65d711ed5684a80521b362269006308d5ae8a51061bdedb9f8110c3d7cc5225b595e44b461290f242008cffa9ed2e98

Score

10^/10

gafgyt mirai mirai_x86corona discovery

Static task

static1

gafgyt mirai mirai_x86corona

6 signatures

Behavioral task

behavioral1

Sample

57e247f8a4943743baadfda8d91afb386f1fb998bd7df21747345eb2ed00205e

Resource

ubuntu1804-amd64-en-20211208

ubuntu-18.04-amd64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  57e247f8a4943743baadfda8d91afb386f1fb998bd7df21747345eb2ed00205e
- Size
  
  111KB
- MD5
  
  0e669218b0b49a70e967db17fd6c92e8
- SHA1
  
  d006f91fbaa93ac0c7f55e2fcd1ea96e8f4fa032
- SHA256
  
  57e247f8a4943743baadfda8d91afb386f1fb998bd7df21747345eb2ed00205e
- SHA512
  
  c07ae13eb08c554d4955791a7c89fa82a65d711ed5684a80521b362269006308d5ae8a51061bdedb9f8110c3d7cc5225b595e44b461290f242008cffa9ed2e98
Score

9^/10

discovery
- Contacts a large (166322) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

gafgytmiraimirai_x86corona

behavioral1

© 2018-2025

Terms | Privacy