gafgyt | 699fea9ff953b1837c51c8d1dc032004315bf73d5c8a70359048def3da3cc5ed | Triage

Submit
Reports

Overview

overview

Static

static

73b27f9878...bf.elf

ubuntu-18.04-amd64

7

Sharing

Copy URL Twitter E-mail

General

Target

73b27f9878951a182f91262ca428fbbf.elf
Size

103KB
Sample

221004-sha6nabcd7
MD5

73b27f9878951a182f91262ca428fbbf
SHA1

1e938b33ec2190961164bb99deff8811cb43a039
SHA256

699fea9ff953b1837c51c8d1dc032004315bf73d5c8a70359048def3da3cc5ed
SHA512

a12d8c6f51d2b2f6fce3234bfb494daabefb0edd0229a1806ac4674e138239111eeb70d9c1cc2619e27070ba07ca7a7860f9e678ad70414f9705c1350d2de33f
SSDEEP

3072:MgiB39CozuVW7qgKm0b0GUibG/GSymnQVrpiFZxHj:67zz7qXHwYpnmnQVrpiFZxHj

Score

10^/10

gafgyt linux

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

73b27f9878951a182f91262ca428fbbf.elf

Resource

ubuntu1804-amd64-en-20211208

ubuntu-18.04-amd64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  73b27f9878951a182f91262ca428fbbf.elf
- Size
  
  103KB
- MD5
  
  73b27f9878951a182f91262ca428fbbf
- SHA1
  
  1e938b33ec2190961164bb99deff8811cb43a039
- SHA256
  
  699fea9ff953b1837c51c8d1dc032004315bf73d5c8a70359048def3da3cc5ed
- SHA512
  
  a12d8c6f51d2b2f6fce3234bfb494daabefb0edd0229a1806ac4674e138239111eeb70d9c1cc2619e27070ba07ca7a7860f9e678ad70414f9705c1350d2de33f
- SSDEEP
  
  3072:MgiB39CozuVW7qgKm0b0GUibG/GSymnQVrpiFZxHj:67zz7qXHwYpnmnQVrpiFZxHj
Score

7^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy