gafgyt | ae909c579695710e8a7b46407171bd5aea35dac97c4d61e0d11de1610ef11754 | Triage

Sharing

General

Target

x86.elf
Size

112KB
Sample

230302-l175sacd52
MD5

bb761308da7f7b05e5ac830f43c83f0a
SHA1

2e60c6db8fd39745c4e28eb7ccdb74b9a0fc63ce
SHA256

ae909c579695710e8a7b46407171bd5aea35dac97c4d61e0d11de1610ef11754
SHA512

de87f8c73dfa9c4f5a4f4e4cd1fbce817d67b8a0b502830c647e4000e85f05a6c3a1e5cfa68dc8a3943b9bc897d651ad81d6567908cc96916a7144f806f3d61f
SSDEEP

3072:Ld0wlSAewzi+Xn+8Uhw6W+aPiJmDk1c8xF6KjW:jfO8IBTJmDk1c8xF6KjW

Score

10^/10

gafgyt linux

Malware Config

Targets

- Target
  
  x86.elf
- Size
  
  112KB
- MD5
  
  bb761308da7f7b05e5ac830f43c83f0a
- SHA1
  
  2e60c6db8fd39745c4e28eb7ccdb74b9a0fc63ce
- SHA256
  
  ae909c579695710e8a7b46407171bd5aea35dac97c4d61e0d11de1610ef11754
- SHA512
  
  de87f8c73dfa9c4f5a4f4e4cd1fbce817d67b8a0b502830c647e4000e85f05a6c3a1e5cfa68dc8a3943b9bc897d651ad81d6567908cc96916a7144f806f3d61f
- SSDEEP
  
  3072:Ld0wlSAewzi+Xn+8Uhw6W+aPiJmDk1c8xF6KjW:jfO8IBTJmDk1c8xF6KjW
Score

9^/10
- Modifies the Watchdog daemon
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1