gafgyt | 5e1ee1effaab52248aa52d0033dbdca8d3fdf0c53484103a63a47326184b7c31 | Triage

Sharing

General

Target

690ac3f2cabc222fb6e62bfe553c986f.elf
Size

134KB
Sample

230214-zka21afe8y
MD5

690ac3f2cabc222fb6e62bfe553c986f
SHA1

e6677b86eb22d5765e3c51cbb1a117991887721b
SHA256

5e1ee1effaab52248aa52d0033dbdca8d3fdf0c53484103a63a47326184b7c31
SHA512

bc4d8f5b3dffbd9210f89d6a02414eab7e188275ceea028832a2abd69b266245c3c9df3a88c268477c2d89b9d4a95f022597a8289ee16629b6d56680e6caf32e
SSDEEP

3072:4MnyWKgY381yV5hPM3WVzhF3xemqY1fuBmvm:4M3Y3+yV5hPg0zhF3xemqY1fuBmvm

Score

10^/10

gafgyt

Malware Config

Targets

- Target
  
  690ac3f2cabc222fb6e62bfe553c986f.elf
- Size
  
  134KB
- MD5
  
  690ac3f2cabc222fb6e62bfe553c986f
- SHA1
  
  e6677b86eb22d5765e3c51cbb1a117991887721b
- SHA256
  
  5e1ee1effaab52248aa52d0033dbdca8d3fdf0c53484103a63a47326184b7c31
- SHA512
  
  bc4d8f5b3dffbd9210f89d6a02414eab7e188275ceea028832a2abd69b266245c3c9df3a88c268477c2d89b9d4a95f022597a8289ee16629b6d56680e6caf32e
- SSDEEP
  
  3072:4MnyWKgY381yV5hPM3WVzhF3xemqY1fuBmvm:4M3Y3+yV5hPg0zhF3xemqY1fuBmvm
Score

8^/10
- Writes DNS configuration
  Writes data to DNS resolver config file.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Dynamic Resolution

Exfiltration

Impact

Tasks

static1

behavioral1