gafgyt | 4fbeb734c95e3026225128e2433cae46d33c307bdeef60a7def86d30d80c50ff | Triage

Submit
Reports

Overview

overview

Static

static

4fbeb734c9...0c50ff

ubuntu-18.04-amd64

9

Sharing

General

Target

4fbeb734c95e3026225128e2433cae46d33c307bdeef60a7def86d30d80c50ff
Size

124KB
Sample

220725-eye8naefcl
MD5

29a7f9ab5437f0fe8e51124eee0b9fea
SHA1

19167457cda458b2146b082d20de3e028a50fe86
SHA256

4fbeb734c95e3026225128e2433cae46d33c307bdeef60a7def86d30d80c50ff
SHA512

41fba3e1bfd06e6465397ee59f5f93993f8fa1b549931ff044d2cce693ae343d8d161e4f30aa7424f73d6b43fd4931040b1e0612e6a177467dbb565a5245b275

Score

10^/10

gafgyt mirai mirai_x86corona discovery

Static task

static1

gafgyt mirai mirai_x86corona

6 signatures

Behavioral task

behavioral1

Sample

4fbeb734c95e3026225128e2433cae46d33c307bdeef60a7def86d30d80c50ff

Resource

ubuntu1804-amd64-en-20211208

ubuntu-18.04-amd64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  4fbeb734c95e3026225128e2433cae46d33c307bdeef60a7def86d30d80c50ff
- Size
  
  124KB
- MD5
  
  29a7f9ab5437f0fe8e51124eee0b9fea
- SHA1
  
  19167457cda458b2146b082d20de3e028a50fe86
- SHA256
  
  4fbeb734c95e3026225128e2433cae46d33c307bdeef60a7def86d30d80c50ff
- SHA512
  
  41fba3e1bfd06e6465397ee59f5f93993f8fa1b549931ff044d2cce693ae343d8d161e4f30aa7424f73d6b43fd4931040b1e0612e6a177467dbb565a5245b275
Score

9^/10

discovery
- Contacts a large (69082) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

gafgytmiraimirai_x86corona

behavioral1

© 2018-2024

Terms | Privacy