gafgyt | 61e9e835925708541e341b2df11de338e500414596ad4749a7a5287b21189454 | Triage

Sharing

General

Target

61e9e835925708541e341b2df11de338e500414596ad4749a7a5287b21189454
Size

116KB
Sample

221130-p7adwacb57
MD5

37bd88db0293a646725f306257f44c07
SHA1

d94a0dc16fd868a8b636e1ecc636725936c41fc2
SHA256

61e9e835925708541e341b2df11de338e500414596ad4749a7a5287b21189454
SHA512

448ee5e75feb9a679e4df326b4ab23d31c23edcc8acba6f044558fbdad1d05d2893fecf9975eaf3a020944182ae25feafc35603bb57de23bad457003fbc84350
SSDEEP

3072:ed3Da04A7iNmLJMQJBg5hd5Kynz2FAdmyDQUJ1UX4Tn:G3Da1ciABg5hd5K3FAdmyDQUJ1a4Tn

Score

10^/10

gafgyt

Malware Config

Targets

- Target
  
  61e9e835925708541e341b2df11de338e500414596ad4749a7a5287b21189454
- Size
  
  116KB
- MD5
  
  37bd88db0293a646725f306257f44c07
- SHA1
  
  d94a0dc16fd868a8b636e1ecc636725936c41fc2
- SHA256
  
  61e9e835925708541e341b2df11de338e500414596ad4749a7a5287b21189454
- SHA512
  
  448ee5e75feb9a679e4df326b4ab23d31c23edcc8acba6f044558fbdad1d05d2893fecf9975eaf3a020944182ae25feafc35603bb57de23bad457003fbc84350
- SSDEEP
  
  3072:ed3Da04A7iNmLJMQJBg5hd5Kynz2FAdmyDQUJ1UX4Tn:G3Da1ciABg5hd5K3FAdmyDQUJ1a4Tn
Score

7^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1