gafgyt | 9ffd41a3cd5effed2c49e1546bd0b80a4bfc58fb32a0aff0bc698ea5954d77c3 | Triage

Submit
Reports

Overview

overview

Static

static

9ffd41a3cd...4d77c3

ubuntu-18.04-amd64

9

Sharing

General

Target

9ffd41a3cd5effed2c49e1546bd0b80a4bfc58fb32a0aff0bc698ea5954d77c3
Size

107KB
Sample

220731-nlpe8sdhf4
MD5

b887ca5c9cdc02aa4ee57caaa6fe6934
SHA1

f862c9146962a5b27cc669ab76f70cf25cea0014
SHA256

9ffd41a3cd5effed2c49e1546bd0b80a4bfc58fb32a0aff0bc698ea5954d77c3
SHA512

9326af0bec529103a080711435cbfd36ee22a203387cb75f685a204c152ecc6beefd54fb951352b60d1db18683175016c9389129c6964c1786a57b297b036e19

Score

10^/10

gafgyt mirai mirai_x86corona discovery linux

Static task

static1

gafgyt mirai mirai_x86corona

6 signatures

Behavioral task

behavioral1

Sample

9ffd41a3cd5effed2c49e1546bd0b80a4bfc58fb32a0aff0bc698ea5954d77c3

Resource

ubuntu1804-amd64-en-20211208

ubuntu-18.04-amd64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  9ffd41a3cd5effed2c49e1546bd0b80a4bfc58fb32a0aff0bc698ea5954d77c3
- Size
  
  107KB
- MD5
  
  b887ca5c9cdc02aa4ee57caaa6fe6934
- SHA1
  
  f862c9146962a5b27cc669ab76f70cf25cea0014
- SHA256
  
  9ffd41a3cd5effed2c49e1546bd0b80a4bfc58fb32a0aff0bc698ea5954d77c3
- SHA512
  
  9326af0bec529103a080711435cbfd36ee22a203387cb75f685a204c152ecc6beefd54fb951352b60d1db18683175016c9389129c6964c1786a57b297b036e19
Score

9^/10

discovery
- Contacts a large (23519) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

gafgytmiraimirai_x86corona

behavioral1

© 2018-2024

Terms | Privacy