gafgyt | dd1d3dde09e39adc72d966761dd7252fa0fd27f837ea999aa3a9a4cc66508c40 | Triage

Submit
Reports

Overview

overview

Static

static

dd1d3dde09...508c40

ubuntu-18.04-amd64

9

Sharing

General

Target

dd1d3dde09e39adc72d966761dd7252fa0fd27f837ea999aa3a9a4cc66508c40
Size

120KB
Sample

220731-nh81gadgd5
MD5

c07f7316600126153bf3c3dce223fcd2
SHA1

1ea86a1ece6bd48e8973326204fc15a2dd7d35ab
SHA256

dd1d3dde09e39adc72d966761dd7252fa0fd27f837ea999aa3a9a4cc66508c40
SHA512

1a66f60abba232e650877fb4aed4bd5a40f07c88b6149c8d772406a7d0515d38bdc1be5a610e073a550a5920299a5434119fd7e890fcb4eaa6b8a3c4ed1076e6

Score

10^/10

gafgyt mirai mirai_x86corona discovery linux

Static task

static1

gafgyt mirai mirai_x86corona

6 signatures

Behavioral task

behavioral1

Sample

dd1d3dde09e39adc72d966761dd7252fa0fd27f837ea999aa3a9a4cc66508c40

Resource

ubuntu1804-amd64-en-20211208

ubuntu-18.04-amd64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  dd1d3dde09e39adc72d966761dd7252fa0fd27f837ea999aa3a9a4cc66508c40
- Size
  
  120KB
- MD5
  
  c07f7316600126153bf3c3dce223fcd2
- SHA1
  
  1ea86a1ece6bd48e8973326204fc15a2dd7d35ab
- SHA256
  
  dd1d3dde09e39adc72d966761dd7252fa0fd27f837ea999aa3a9a4cc66508c40
- SHA512
  
  1a66f60abba232e650877fb4aed4bd5a40f07c88b6149c8d772406a7d0515d38bdc1be5a610e073a550a5920299a5434119fd7e890fcb4eaa6b8a3c4ed1076e6
Score

9^/10

discovery
- Contacts a large (113539) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

gafgytmiraimirai_x86corona

behavioral1

© 2018-2025

Terms | Privacy