gafgyt | 69c6d7d3bdb33cb00b9af92c20e3431f9338e9880654b8153c45efaf842863d7 | Triage

Sharing

General

Target

x32.s.elf
Size

83KB
Sample

230315-zkafgafc36
MD5

8ef63b93ef218c6669a889a0accca5fb
SHA1

8af60c182d9bfd6a6d3a3f8d4eade047729595d2
SHA256

69c6d7d3bdb33cb00b9af92c20e3431f9338e9880654b8153c45efaf842863d7
SHA512

fcefff5cd1f302015dbd052eaa8dd9dbdb5ba69d7d64fa0108fa9dd6e7c0729e33486ed8b062be780390398714d36d0330dd2d325e7ccbc2b87efd6901484151
SSDEEP

1536:W35b9Vj4N3J6lreu5r4hWj8LjWDloRmF+wVOz+sXcfW7k:Ab9Vj4JJ6liuq0YP2oRmEwVOz+ucfW7k

Score

10^/10

gafgyt discovery linux

Malware Config

Targets

- Target
  
  x32.s.elf
- Size
  
  83KB
- MD5
  
  8ef63b93ef218c6669a889a0accca5fb
- SHA1
  
  8af60c182d9bfd6a6d3a3f8d4eade047729595d2
- SHA256
  
  69c6d7d3bdb33cb00b9af92c20e3431f9338e9880654b8153c45efaf842863d7
- SHA512
  
  fcefff5cd1f302015dbd052eaa8dd9dbdb5ba69d7d64fa0108fa9dd6e7c0729e33486ed8b062be780390398714d36d0330dd2d325e7ccbc2b87efd6901484151
- SSDEEP
  
  1536:W35b9Vj4N3J6lreu5r4hWj8LjWDloRmF+wVOz+sXcfW7k:Ab9Vj4JJ6liuq0YP2oRmEwVOz+ucfW7k
Score

6^/10

discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1