gafgyt | cbf3dee0f34ae812cc485a37a6f1442e7e51e4d8f931a3d6a383ff2555c44381 | Triage

Sharing

General

Target

c3b58449cae7b337a35a412922d02fd9.elf
Size

165KB
Sample

230214-zkv26sgb22
MD5

c3b58449cae7b337a35a412922d02fd9
SHA1

118b9e8506ab7dccbe147cc55c6e3f2238a61ea7
SHA256

cbf3dee0f34ae812cc485a37a6f1442e7e51e4d8f931a3d6a383ff2555c44381
SHA512

12adef054244849c15185c07758af299600f1f063aeee247ea53456721171647d26e1a951084b76f438faa70583aa421e83f22f2a5fc4ca22481ff30581d98ae
SSDEEP

3072:vG/rmPd3pGeQj+0pH1rkQ8QaQfVhCjjs6+l+kQaI+45hAlPN7xM/9ZKimQw9B1ia:KH1rkLQaQfVhYjs3VQaI5hAlPNtM/9Zu

Score

10^/10

gafgyt

Malware Config

Targets

- Target
  
  c3b58449cae7b337a35a412922d02fd9.elf
- Size
  
  165KB
- MD5
  
  c3b58449cae7b337a35a412922d02fd9
- SHA1
  
  118b9e8506ab7dccbe147cc55c6e3f2238a61ea7
- SHA256
  
  cbf3dee0f34ae812cc485a37a6f1442e7e51e4d8f931a3d6a383ff2555c44381
- SHA512
  
  12adef054244849c15185c07758af299600f1f063aeee247ea53456721171647d26e1a951084b76f438faa70583aa421e83f22f2a5fc4ca22481ff30581d98ae
- SSDEEP
  
  3072:vG/rmPd3pGeQj+0pH1rkQ8QaQfVhCjjs6+l+kQaI+45hAlPN7xM/9ZKimQw9B1ia:KH1rkLQaQfVhYjs3VQaI5hAlPNtM/9Zu
Score

8^/10
- Writes DNS configuration
  Writes data to DNS resolver config file.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Dynamic Resolution

Exfiltration

Impact

Tasks

static1

behavioral1