gafgyt | 36e168f53c4c5da2aa83d73a95e327ddb06f38416072ac18563d92cf755c7d47 | Triage

Sharing

General

Target

36e168f53c4c5da2aa83d73a95e327ddb06f38416072ac18563d92cf755c7d47
Size

97KB
Sample

221125-lwn64sce8y
MD5

1362847929ad976f1d133e2091021df6
SHA1

b246a837313082499f22200fde45b07134b8572d
SHA256

36e168f53c4c5da2aa83d73a95e327ddb06f38416072ac18563d92cf755c7d47
SHA512

cdf62202c5bce0d9ab9f1d34f181ac2ebfe0f24ee6e0d0609ce335e66ea0dd20a36a51c23a608940c64890c8918a8e4cec1fa75ec1f99d12de3880e0a3113019
SSDEEP

3072:gjtwgA6UlYzZveohR9kIEPfdGZmmFVcqq0G27ZT:gjhzt3mIEPfAmmFVcqq0G27ZT

Score

10^/10

gafgyt linux

Malware Config

Targets

- Target
  
  36e168f53c4c5da2aa83d73a95e327ddb06f38416072ac18563d92cf755c7d47
- Size
  
  97KB
- MD5
  
  1362847929ad976f1d133e2091021df6
- SHA1
  
  b246a837313082499f22200fde45b07134b8572d
- SHA256
  
  36e168f53c4c5da2aa83d73a95e327ddb06f38416072ac18563d92cf755c7d47
- SHA512
  
  cdf62202c5bce0d9ab9f1d34f181ac2ebfe0f24ee6e0d0609ce335e66ea0dd20a36a51c23a608940c64890c8918a8e4cec1fa75ec1f99d12de3880e0a3113019
- SSDEEP
  
  3072:gjtwgA6UlYzZveohR9kIEPfdGZmmFVcqq0G27ZT:gjhzt3mIEPfAmmFVcqq0G27ZT
Score

8^/10
- Modifies hosts file
  Adds to hosts file used for mapping hosts to IP addresses.
- Writes DNS configuration
  Writes data to DNS resolver config file.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Dynamic Resolution

Impact

Tasks

static1

behavioral1