gafgyt | dbfde1ab3287d4aac762c6a27a0af4db2d9c72036515ad0813bd829054a6bd99 | Triage

Sharing

General

Target

mips.elf
Size

148KB
Sample

230302-l18fjscd54
MD5

c72954b6056bb9a1368384310ccb08f6
SHA1

9a6dc94702db3663e9f7cf763f0bab64211aec8a
SHA256

dbfde1ab3287d4aac762c6a27a0af4db2d9c72036515ad0813bd829054a6bd99
SHA512

36b3ba8a2bd570e202648de90654fbd31ffb439501060bf97326f0f047390e30dc7d961e2d45e0a2a9842dea952b4660b59b86d91d333089f3e0db98e15e09a0
SSDEEP

1536:mVNs7K797V+nv57gbj6l6T6B6v6N6/6AePe1ebeZe5bwClA2rKQA1dXAQTI/e0hh:vY01ZkXAQT4NE9//ImlWs4zWfOodW

Score

10^/10

gafgyt

Malware Config

Targets

- Target
  
  mips.elf
- Size
  
  148KB
- MD5
  
  c72954b6056bb9a1368384310ccb08f6
- SHA1
  
  9a6dc94702db3663e9f7cf763f0bab64211aec8a
- SHA256
  
  dbfde1ab3287d4aac762c6a27a0af4db2d9c72036515ad0813bd829054a6bd99
- SHA512
  
  36b3ba8a2bd570e202648de90654fbd31ffb439501060bf97326f0f047390e30dc7d961e2d45e0a2a9842dea952b4660b59b86d91d333089f3e0db98e15e09a0
- SSDEEP
  
  1536:mVNs7K797V+nv57gbj6l6T6B6v6N6/6AePe1ebeZe5bwClA2rKQA1dXAQTI/e0hh:vY01ZkXAQT4NE9//ImlWs4zWfOodW
Score

9^/10
- Modifies the Watchdog daemon
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1