gafgyt | a004cbdce66635dfdfa590a350ddf97fd31a65fe89aa872ebd454913682c0a7f | Triage

Sharing

General

Target

02ad01cc3916b2c678dbe73ac2b497e2.elf
Size

118KB
Sample

230310-l7yjxsed6v
MD5

02ad01cc3916b2c678dbe73ac2b497e2
SHA1

6db36b1a3a6b1f529cbc47b3ef3df5b3ab7bad81
SHA256

a004cbdce66635dfdfa590a350ddf97fd31a65fe89aa872ebd454913682c0a7f
SHA512

5ff7903440542236d98d334f0ee4f5687dbaa83b918cc0f04acf60b0a6d5a3fe7672583811dfaf44bf58381c91fa7671fe00c21fbf7843759e6e2a7686483f54
SSDEEP

3072:ekYPUfsgnsb0J2ag/VfkkDN0dn+mTQOY5NX3cn:9YPUfsgEo2a0kkDy+mTQOY5R3cn

Score

10^/10

gafgyt

Malware Config

Targets

- Target
  
  02ad01cc3916b2c678dbe73ac2b497e2.elf
- Size
  
  118KB
- MD5
  
  02ad01cc3916b2c678dbe73ac2b497e2
- SHA1
  
  6db36b1a3a6b1f529cbc47b3ef3df5b3ab7bad81
- SHA256
  
  a004cbdce66635dfdfa590a350ddf97fd31a65fe89aa872ebd454913682c0a7f
- SHA512
  
  5ff7903440542236d98d334f0ee4f5687dbaa83b918cc0f04acf60b0a6d5a3fe7672583811dfaf44bf58381c91fa7671fe00c21fbf7843759e6e2a7686483f54
- SSDEEP
  
  3072:ekYPUfsgnsb0J2ag/VfkkDN0dn+mTQOY5NX3cn:9YPUfsgEo2a0kkDy+mTQOY5R3cn
Score

7^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1