gafgyt | d9b20b7fc4ceca548330b1c0258052eb911ffbcd250cd690d1e8b047e35e01dd | Triage

Submit
Reports

Overview

overview

Static

static

d9b20b7fc4...5e01dd

ubuntu-18.04-amd64

9

Sharing

General

Target

d9b20b7fc4ceca548330b1c0258052eb911ffbcd250cd690d1e8b047e35e01dd
Size

107KB
Sample

220725-aaej1aedhn
MD5

9dc9ab5b9b55c13ee4c56fd80760f156
SHA1

7946656632e07b60c704e2d1ab8df69a96f97c7a
SHA256

d9b20b7fc4ceca548330b1c0258052eb911ffbcd250cd690d1e8b047e35e01dd
SHA512

96ac468a0247bf64a50492ad0cbf4df9d0ab5190b0fa7c0db8474b8e9bc43ece8ab915a2a8cbeb7a4fa02e4cc75226fd91fa7c93390b49129c52d0c3d82f3134

Score

10^/10

gafgyt mirai mirai_x86corona discovery

Static task

static1

gafgyt mirai mirai_x86corona

6 signatures

Behavioral task

behavioral1

Sample

d9b20b7fc4ceca548330b1c0258052eb911ffbcd250cd690d1e8b047e35e01dd

Resource

ubuntu1804-amd64-en-20211208

ubuntu-18.04-amd64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  d9b20b7fc4ceca548330b1c0258052eb911ffbcd250cd690d1e8b047e35e01dd
- Size
  
  107KB
- MD5
  
  9dc9ab5b9b55c13ee4c56fd80760f156
- SHA1
  
  7946656632e07b60c704e2d1ab8df69a96f97c7a
- SHA256
  
  d9b20b7fc4ceca548330b1c0258052eb911ffbcd250cd690d1e8b047e35e01dd
- SHA512
  
  96ac468a0247bf64a50492ad0cbf4df9d0ab5190b0fa7c0db8474b8e9bc43ece8ab915a2a8cbeb7a4fa02e4cc75226fd91fa7c93390b49129c52d0c3d82f3134
Score

9^/10

discovery
- Contacts a large (23519) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

gafgytmiraimirai_x86corona

behavioral1

© 2018-2024

Terms | Privacy