gafgyt | b34021f9fc2df4990b9971cd5fb3296322b9adcdaf3ce519d8b0f2125847c4af | Triage

Submit
Reports

Overview

overview

Static

static

4a57f90747...2db692

ubuntu-18.04-amd64

9

Sharing

General

Target

4a57f907474d4c352881f702a62db692
Size

114KB
Sample

220822-s4rerscge8
MD5

4a57f907474d4c352881f702a62db692
SHA1

1e1143c29c551e0c81bb389a415b782414e901bc
SHA256

b34021f9fc2df4990b9971cd5fb3296322b9adcdaf3ce519d8b0f2125847c4af
SHA512

5894d55e03fb3e03a13eb6bed403033f12d53513b8ea4e32f159ddd1e6f46a063f60a7a2745bf9d5c293b08b3fbf3c868e814677fa655e835a96dc862003ae89
SSDEEP

3072:uirMUYZMo/QJLRZDsqtxqLX5I/uJiouY2yd1m7FnVqfJXoebNb:SKo/O8qtUbKWbm7FnVqfJXoebNb

Score

10^/10

gafgyt mirai linux

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

4a57f907474d4c352881f702a62db692

Resource

ubuntu1804-amd64-en-20211208

ubuntu-18.04-amd64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  4a57f907474d4c352881f702a62db692
- Size
  
  114KB
- MD5
  
  4a57f907474d4c352881f702a62db692
- SHA1
  
  1e1143c29c551e0c81bb389a415b782414e901bc
- SHA256
  
  b34021f9fc2df4990b9971cd5fb3296322b9adcdaf3ce519d8b0f2125847c4af
- SHA512
  
  5894d55e03fb3e03a13eb6bed403033f12d53513b8ea4e32f159ddd1e6f46a063f60a7a2745bf9d5c293b08b3fbf3c868e814677fa655e835a96dc862003ae89
- SSDEEP
  
  3072:uirMUYZMo/QJLRZDsqtxqLX5I/uJiouY2yd1m7FnVqfJXoebNb:SKo/O8qtUbKWbm7FnVqfJXoebNb
Score

9^/10
- Modifies the Watchdog daemon
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
- Modifies hosts file
  Adds to hosts file used for mapping hosts to IP addresses.
- Writes DNS configuration
  Writes data to DNS resolver config file.
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Dynamic Resolution

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy