gafgyt | b5b614c95e212bc60b63ba4738bbb2b05c5f80108c9525aab00f33c760d62887 | Triage

Submit
Reports

Overview

overview

Static

static

b5b614c95e...d62887

ubuntu-18.04-amd64

9

Sharing

General

Target

b5b614c95e212bc60b63ba4738bbb2b05c5f80108c9525aab00f33c760d62887
Size

120KB
Sample

220725-abrwqaeegk
MD5

1c031113bc05e5d5f33d56370a700603
SHA1

ce76e798b570cd2de11065fe77f48173aaa879b9
SHA256

b5b614c95e212bc60b63ba4738bbb2b05c5f80108c9525aab00f33c760d62887
SHA512

03b7a0f8fee1e3869ddd8f027b38c6e71fac06a20c117c249016ef08483b9185b8858f63a634ae62f1db2c3127856de8cf31fbc4c0daeac3bf91ba8a3fce5732

Score

10^/10

gafgyt mirai mirai_x86corona discovery

Static task

static1

gafgyt mirai mirai_x86corona

6 signatures

Behavioral task

behavioral1

Sample

b5b614c95e212bc60b63ba4738bbb2b05c5f80108c9525aab00f33c760d62887

Resource

ubuntu1804-amd64-en-20211208

ubuntu-18.04-amd64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  b5b614c95e212bc60b63ba4738bbb2b05c5f80108c9525aab00f33c760d62887
- Size
  
  120KB
- MD5
  
  1c031113bc05e5d5f33d56370a700603
- SHA1
  
  ce76e798b570cd2de11065fe77f48173aaa879b9
- SHA256
  
  b5b614c95e212bc60b63ba4738bbb2b05c5f80108c9525aab00f33c760d62887
- SHA512
  
  03b7a0f8fee1e3869ddd8f027b38c6e71fac06a20c117c249016ef08483b9185b8858f63a634ae62f1db2c3127856de8cf31fbc4c0daeac3bf91ba8a3fce5732
Score

9^/10

discovery
- Contacts a large (15893) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

gafgytmiraimirai_x86corona

behavioral1

© 2018-2024

Terms | Privacy