gafgyt | 5efc2c9b0d186f29cf35e65c892b5e054c45eb48a120f7ca295c1d69d91047c2 | Triage

Submit
Reports

Overview

overview

Static

static

5efc2c9b0d...1047c2

ubuntu-18.04-amd64

6

Sharing

General

Target

5efc2c9b0d186f29cf35e65c892b5e054c45eb48a120f7ca295c1d69d91047c2
Size

93KB
Sample

220731-w93xjabeb9
MD5

33a6ea39fbc44893983948735194c6d0
SHA1

2d4b4b854ca9e0bbd9e78182cb713dff8a5144a1
SHA256

5efc2c9b0d186f29cf35e65c892b5e054c45eb48a120f7ca295c1d69d91047c2
SHA512

000ea698746ec2232cdf4ad0c42ec7dea82e6e3175a44f09eb69b262d5f54b2ccec598563ee340e084c9c5c1ff2c79993c62639c553153b3d6fac53561d1e49c

Score

10^/10

gafgyt mirai mirai_x86corona discovery linux

Static task

static1

gafgyt mirai mirai_x86corona

6 signatures

Behavioral task

behavioral1

Sample

5efc2c9b0d186f29cf35e65c892b5e054c45eb48a120f7ca295c1d69d91047c2

Resource

ubuntu1804-amd64-en-20211208

ubuntu-18.04-amd64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  5efc2c9b0d186f29cf35e65c892b5e054c45eb48a120f7ca295c1d69d91047c2
- Size
  
  93KB
- MD5
  
  33a6ea39fbc44893983948735194c6d0
- SHA1
  
  2d4b4b854ca9e0bbd9e78182cb713dff8a5144a1
- SHA256
  
  5efc2c9b0d186f29cf35e65c892b5e054c45eb48a120f7ca295c1d69d91047c2
- SHA512
  
  000ea698746ec2232cdf4ad0c42ec7dea82e6e3175a44f09eb69b262d5f54b2ccec598563ee340e084c9c5c1ff2c79993c62639c553153b3d6fac53561d1e49c
Score

6^/10

discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

gafgytmiraimirai_x86corona

behavioral1

© 2018-2024

Terms | Privacy