gafgyt | c94488a207ad0db77144192a80aaec87c043b0170d9053dc1c3178882a4e2af1 | Triage

Submit
Reports

Overview

overview

Static

static

c94488a207...4e2af1

ubuntu-18.04-amd64

9

Sharing

General

Target

c94488a207ad0db77144192a80aaec87c043b0170d9053dc1c3178882a4e2af1
Size

146KB
Sample

220731-nj7tssdgh5
MD5

322859bdaac07333eab630d5b2b7e8d1
SHA1

18bb66d2d2a9af727905f885f49c6bbb981aee26
SHA256

c94488a207ad0db77144192a80aaec87c043b0170d9053dc1c3178882a4e2af1
SHA512

ab64f270994ccb68c6fee1c61f7ce1fb1f51bf57cc90c4f04034e6fa0b3e8cb606c46fa9a0af51237338ca542a6e13878501df6ae4f68c5209d2eb5ca2ba46b8

Score

10^/10

gafgyt mirai mirai_x86corona discovery linux

Static task

static1

gafgyt mirai mirai_x86corona

6 signatures

Behavioral task

behavioral1

Sample

c94488a207ad0db77144192a80aaec87c043b0170d9053dc1c3178882a4e2af1

Resource

ubuntu1804-amd64-en-20211208

ubuntu-18.04-amd64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  c94488a207ad0db77144192a80aaec87c043b0170d9053dc1c3178882a4e2af1
- Size
  
  146KB
- MD5
  
  322859bdaac07333eab630d5b2b7e8d1
- SHA1
  
  18bb66d2d2a9af727905f885f49c6bbb981aee26
- SHA256
  
  c94488a207ad0db77144192a80aaec87c043b0170d9053dc1c3178882a4e2af1
- SHA512
  
  ab64f270994ccb68c6fee1c61f7ce1fb1f51bf57cc90c4f04034e6fa0b3e8cb606c46fa9a0af51237338ca542a6e13878501df6ae4f68c5209d2eb5ca2ba46b8
Score

9^/10

discovery
- Contacts a large (282889) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

gafgytmiraimirai_x86corona

behavioral1

© 2018-2025

Terms | Privacy