gafgyt | 31ee294801b7a2ebb33b3b054ebf45f53d85479ba67eb1b46b621c6cf82704f7 | Triage

Submit
Reports

Overview

overview

Static

static

31ee294801...2704f7

ubuntu-18.04-amd64

9

Sharing

General

Target

31ee294801b7a2ebb33b3b054ebf45f53d85479ba67eb1b46b621c6cf82704f7
Size

133KB
Sample

220725-affn9aegfp
MD5

df5b10b695b8a1fc03c2f6ce7dfe8d22
SHA1

2238f343c603b4f8a2519d2a24029d105ff7b41f
SHA256

31ee294801b7a2ebb33b3b054ebf45f53d85479ba67eb1b46b621c6cf82704f7
SHA512

a6311a81249e1e9a0606a0c647575277230ba4f3caaceffefcababfb6f23700128c876a938aa05ae9dde8832461a150bd5481f20704ad0f56fc1b488e3454a64

Score

10^/10

gafgyt mirai mirai_x86corona discovery

Static task

static1

gafgyt mirai mirai_x86corona

6 signatures

Behavioral task

behavioral1

Sample

31ee294801b7a2ebb33b3b054ebf45f53d85479ba67eb1b46b621c6cf82704f7

Resource

ubuntu1804-amd64-en-20211208

ubuntu-18.04-amd64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  31ee294801b7a2ebb33b3b054ebf45f53d85479ba67eb1b46b621c6cf82704f7
- Size
  
  133KB
- MD5
  
  df5b10b695b8a1fc03c2f6ce7dfe8d22
- SHA1
  
  2238f343c603b4f8a2519d2a24029d105ff7b41f
- SHA256
  
  31ee294801b7a2ebb33b3b054ebf45f53d85479ba67eb1b46b621c6cf82704f7
- SHA512
  
  a6311a81249e1e9a0606a0c647575277230ba4f3caaceffefcababfb6f23700128c876a938aa05ae9dde8832461a150bd5481f20704ad0f56fc1b488e3454a64
Score

9^/10

discovery
- Contacts a large (351615) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

gafgytmiraimirai_x86corona

behavioral1

© 2018-2024

Terms | Privacy