gafgyt | 6b2aeb5f8f0ee17a33da98de8bbbf182af8c1b087f24795cb113416bc9dd9522 | Triage

Submit
Reports

Overview

overview

Static

static

e876b6c9ba...05.elf

debian-9-mips

7

Sharing

General

Target

b448e32063353845e25ff71c34cf05f8.bin
Size

42KB
Sample

230306-b462saab95
MD5

ee8e289546f3561d7f5639c3f3273ba8
SHA1

d39f8cf7cb8a5f4399326b735677cad0a31331ed
SHA256

6b2aeb5f8f0ee17a33da98de8bbbf182af8c1b087f24795cb113416bc9dd9522
SHA512

c515549811df6554c41986f354f43516fb5f7c33560c8f8f31e32f0fdfe1b180cdba49c0ad143a6e4c84017e7362e24b74985863084fc11a46fb73fb8c2e3fbd
SSDEEP

768:b171j1j6FtzVQfKwHFr1sMDC2kvZ+tv0WYRC9MCp5yBhdizWCtYll5GplOI41Mm:TbfKsBC2kvCZ99MCp4BDlupcI41p

Score

10^/10

gafgyt

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

e876b6c9ba578bc8c645ec499c99493d603e227ae1e0c342f1c769e68bc7ef05.elf

Resource

debian9-mipsbe-en-20211208

debian-9-mips

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  e876b6c9ba578bc8c645ec499c99493d603e227ae1e0c342f1c769e68bc7ef05.elf
- Size
  
  113KB
- MD5
  
  b448e32063353845e25ff71c34cf05f8
- SHA1
  
  65a563cca6d1358522ed68e9f5ec1b099ece5d41
- SHA256
  
  e876b6c9ba578bc8c645ec499c99493d603e227ae1e0c342f1c769e68bc7ef05
- SHA512
  
  44443d37313518b5a69af8c103d90f3e40c054fd32d071980f59a5022b3cc0b0393597a46281c0fd6dd0deed5cc11658234fe007d579334202c4c35a3fc969a6
- SSDEEP
  
  3072:C/4g3Kd1rn5hZmxgA9OKdwwjF9GhsR1Ae:O9ann5hZLHKdwwjF9GhsR1Ae
Score

7^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy