gafgyt | 232dbf285097a6b68afa20c6a209bfce48d02e75f7a617722a77b588568e159b | Triage

Sharing

General

Target

mipsel.elf
Size

148KB
Sample

230302-l175sacd53
MD5

cefb0d1a84c08c7414f10f2cd755ce9e
SHA1

33be9bd5910bd2477c84f5674040b7cce612da0e
SHA256

232dbf285097a6b68afa20c6a209bfce48d02e75f7a617722a77b588568e159b
SHA512

c0f1a3ab4bab7e41a8d94fa063371be1cb9350b5053c1cea690fbbf431e0589138968245e2ffbe308f52083b8a75563c2663389c5087d7da8405d369f0dc54a5
SSDEEP

1536:bVeTpqCVvWRYx0O9vPBysZgvsgxqAz/0ufMytVQpLtaoLAImlP+s4zWfOodW:byvWmBx+sK/PflugImlWs4zWfOodW

Score

10^/10

gafgyt

Malware Config

Targets

- Target
  
  mipsel.elf
- Size
  
  148KB
- MD5
  
  cefb0d1a84c08c7414f10f2cd755ce9e
- SHA1
  
  33be9bd5910bd2477c84f5674040b7cce612da0e
- SHA256
  
  232dbf285097a6b68afa20c6a209bfce48d02e75f7a617722a77b588568e159b
- SHA512
  
  c0f1a3ab4bab7e41a8d94fa063371be1cb9350b5053c1cea690fbbf431e0589138968245e2ffbe308f52083b8a75563c2663389c5087d7da8405d369f0dc54a5
- SSDEEP
  
  1536:bVeTpqCVvWRYx0O9vPBysZgvsgxqAz/0ufMytVQpLtaoLAImlP+s4zWfOodW:byvWmBx+sK/PflugImlWs4zWfOodW
Score

9^/10
- Modifies the Watchdog daemon
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1