gafgyt | 162f75477d7d6ac75b3be3aabcce8efc894b4b6b2452c3d4662fc376ba49d8ac | Triage

Submit
Reports

Overview

overview

Static

static

b120080c1c...08.elf

debian-9-armhf

7

Sharing

General

Target

b120080c1c47ef7d7a51c51354a7e508.elf
Size

108KB
Sample

221228-jttygahg54
MD5

b120080c1c47ef7d7a51c51354a7e508
SHA1

ca9064cb9708506b7e0e23ff4827222dc65dfb4e
SHA256

162f75477d7d6ac75b3be3aabcce8efc894b4b6b2452c3d4662fc376ba49d8ac
SHA512

1aed48d65ed641fca3133c4beb5f01458fcd781b661dad21ac596c5e74278a3a4a1c73fc656e80adca0e0d13aa937eab83f510beaa3dbad28956b9601f0c7173
SSDEEP

3072:wdAkae+l8tZ2hWJJo4XDELqzQbmTQOWsXAOn:wykae+l8Bo4XDibmTQOWCAOn

Score

10^/10

gafgyt

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

b120080c1c47ef7d7a51c51354a7e508.elf

Resource

debian9-armhf-en-20211208

debian-9-armhf

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  b120080c1c47ef7d7a51c51354a7e508.elf
- Size
  
  108KB
- MD5
  
  b120080c1c47ef7d7a51c51354a7e508
- SHA1
  
  ca9064cb9708506b7e0e23ff4827222dc65dfb4e
- SHA256
  
  162f75477d7d6ac75b3be3aabcce8efc894b4b6b2452c3d4662fc376ba49d8ac
- SHA512
  
  1aed48d65ed641fca3133c4beb5f01458fcd781b661dad21ac596c5e74278a3a4a1c73fc656e80adca0e0d13aa937eab83f510beaa3dbad28956b9601f0c7173
- SSDEEP
  
  3072:wdAkae+l8tZ2hWJJo4XDELqzQbmTQOWsXAOn:wykae+l8Bo4XDibmTQOWCAOn
Score

7^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy