gafgyt | 47b82ad5e1eab8693b680fef72224f505c788eb26f745ed161d8d40626e80ff5 | Triage

Submit
Reports

Overview

overview

Static

static

aa9da0dd1a...b4.elf

ubuntu-18.04-amd64

7

Sharing

General

Target

aa9da0dd1aad975b89ef89ece4bc5eb4.elf
Size

103KB
Sample

221001-rz96msgbd7
MD5

aa9da0dd1aad975b89ef89ece4bc5eb4
SHA1

c581017051b1df0881df383413004a27d890b31b
SHA256

47b82ad5e1eab8693b680fef72224f505c788eb26f745ed161d8d40626e80ff5
SHA512

24b00dc86cb1799367b95f81197c85b33b569ccbba7d34edfd5d591ba39bf0dbf6fd9baeb55d3423aba20b85e3df21546d678d708669c4ccc81a4140f4ea32d4
SSDEEP

3072:UGYBQLHkuog7WVGy3QUzuj9XZimnQVrpiFZxHj:5ke7WXze0mnQVrpiFZxHj

Score

10^/10

gafgyt linux

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

aa9da0dd1aad975b89ef89ece4bc5eb4.elf

Resource

ubuntu1804-amd64-en-20211208

ubuntu-18.04-amd64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  aa9da0dd1aad975b89ef89ece4bc5eb4.elf
- Size
  
  103KB
- MD5
  
  aa9da0dd1aad975b89ef89ece4bc5eb4
- SHA1
  
  c581017051b1df0881df383413004a27d890b31b
- SHA256
  
  47b82ad5e1eab8693b680fef72224f505c788eb26f745ed161d8d40626e80ff5
- SHA512
  
  24b00dc86cb1799367b95f81197c85b33b569ccbba7d34edfd5d591ba39bf0dbf6fd9baeb55d3423aba20b85e3df21546d678d708669c4ccc81a4140f4ea32d4
- SSDEEP
  
  3072:UGYBQLHkuog7WVGy3QUzuj9XZimnQVrpiFZxHj:5ke7WXze0mnQVrpiFZxHj
Score

7^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy