gafgyt | aad9eb8b1fad45af6e3e6216fe0ebcad67415aef87f6f5223717e388a8c8a0c4 | Triage

Submit
Reports

Overview

overview

Static

static

b72a7f83aa...2f.elf

debian-9-mipsel

7

Sharing

General

Target

f789e9df7bea8a1a46510e0fd6974506.bin
Size

60KB
Sample

230216-cf6xjseh8z
MD5

2ad2773d7940e6aa9584052b7a4c0972
SHA1

41b2252d59ded20cf82bd31ad5a9a55d76a52e17
SHA256

aad9eb8b1fad45af6e3e6216fe0ebcad67415aef87f6f5223717e388a8c8a0c4
SHA512

9002a44b6b3bbb01e7caef2c2b541f8ee58328918c7d60127ece99230e2f5c441850aee76c76b7ddbfeec55b6a141c82eb33906d0944f0517b0fb084e2396af7
SSDEEP

1536:z82xVKWOp3ypIWn9Pg+d8Jt/NOo15zMH+u2qwCJkA:4b7kpkLoojMeu2ZCJB

Score

10^/10

gafgyt

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

b72a7f83aa945ac71736b67a813e8614c2fb351bf42002528f9249d30ed9fc2f.elf

Resource

debian9-mipsel-en-20211208

debian-9-mipsel

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  b72a7f83aa945ac71736b67a813e8614c2fb351bf42002528f9249d30ed9fc2f.elf
- Size
  
  246KB
- MD5
  
  f789e9df7bea8a1a46510e0fd6974506
- SHA1
  
  0a96ac00e80faf9ad75140701567a2bd96de1d79
- SHA256
  
  b72a7f83aa945ac71736b67a813e8614c2fb351bf42002528f9249d30ed9fc2f
- SHA512
  
  23ed1471448d9d7e255e2c6d4e20a86002c4c5835216b6e4e1507627ab074458a2cd11528688bff08c70d3bbabcb0f1dc4e8af3ee01cd2c48beba6a973b19b97
- SSDEEP
  
  3072:NtDIdNdngB+WWh19icCS0/dvVzSmB2kqh2RBTDI:NtDIdbgBvWhD0/dvRSmB2kqh2RBTDI
Score

7^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy