gafgyt | 69bb0e77409eb7faf4d215b671264cf2e813a3c543106e237697b4b8fe86eec1 | Triage

Submit
Reports

Overview

overview

Static

static

5dacc52615...d2.elf

debian-9-armhf

7

Sharing

Copy URL Twitter E-mail

General

Target

5dacc5261530f0adc9fa30dffa2857d2.elf
Size

108KB
Sample

221230-bxdrnaef79
MD5

5dacc5261530f0adc9fa30dffa2857d2
SHA1

8ba64054ec49ce747e6caae203535bdce59552c4
SHA256

69bb0e77409eb7faf4d215b671264cf2e813a3c543106e237697b4b8fe86eec1
SHA512

93f2327912f2cc030e8f97657811e5bb27a83a7ca9f1a61763ffff47eac1fee1d2cdf0710bd5368dd4ab8bb88b08f09f34f2bee067f9661fcd514e06d51b6c25
SSDEEP

3072:wdAkae+l8tZ2hWJJo8XDELqzQbmTQOWsXAOn:wykae+l8Bo8XDibmTQOWCAOn

Score

10^/10

gafgyt

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

5dacc5261530f0adc9fa30dffa2857d2.elf

Resource

debian9-armhf-en-20211208

debian-9-armhf

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  5dacc5261530f0adc9fa30dffa2857d2.elf
- Size
  
  108KB
- MD5
  
  5dacc5261530f0adc9fa30dffa2857d2
- SHA1
  
  8ba64054ec49ce747e6caae203535bdce59552c4
- SHA256
  
  69bb0e77409eb7faf4d215b671264cf2e813a3c543106e237697b4b8fe86eec1
- SHA512
  
  93f2327912f2cc030e8f97657811e5bb27a83a7ca9f1a61763ffff47eac1fee1d2cdf0710bd5368dd4ab8bb88b08f09f34f2bee067f9661fcd514e06d51b6c25
- SSDEEP
  
  3072:wdAkae+l8tZ2hWJJo8XDELqzQbmTQOWsXAOn:wykae+l8Bo8XDibmTQOWCAOn
Score

7^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy