gafgyt | 73d33e606d31c2f1586f739395e9912ff865771a57e5fbf35f88b935bd26f327 | Triage

Sharing

General

Target

25c6130046b2e6f2ab4b6e19a2a0a944.elf
Size

123KB
Sample

230206-hqxphsfh2v
MD5

25c6130046b2e6f2ab4b6e19a2a0a944
SHA1

05d40c11d1a543a0b7aa098e9be84507166a546b
SHA256

73d33e606d31c2f1586f739395e9912ff865771a57e5fbf35f88b935bd26f327
SHA512

72c9619b461b9e65d5d80da9763a07b3eaf72f7c39155fc441f80315a8f8050f53519464e4c96b17c1e54fe3add2d211ac86ed6c45d4707efe5cd018c49242ca
SSDEEP

1536:M7je1TMGq+f+AQ2rK7zeXeReXe8V2rK7Ie+u60GAzQj1l72HBecEdaAW/GrmW+IR:Ted0W0MZQHKdaAW/GrmW+IFB1Dt1hR/

Score

10^/10

gafgyt

Malware Config

Targets

- Target
  
  25c6130046b2e6f2ab4b6e19a2a0a944.elf
- Size
  
  123KB
- MD5
  
  25c6130046b2e6f2ab4b6e19a2a0a944
- SHA1
  
  05d40c11d1a543a0b7aa098e9be84507166a546b
- SHA256
  
  73d33e606d31c2f1586f739395e9912ff865771a57e5fbf35f88b935bd26f327
- SHA512
  
  72c9619b461b9e65d5d80da9763a07b3eaf72f7c39155fc441f80315a8f8050f53519464e4c96b17c1e54fe3add2d211ac86ed6c45d4707efe5cd018c49242ca
- SSDEEP
  
  1536:M7je1TMGq+f+AQ2rK7zeXeReXe8V2rK7Ie+u60GAzQj1l72HBecEdaAW/GrmW+IR:Ted0W0MZQHKdaAW/GrmW+IFB1Dt1hR/
Score

7^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1