gafgyt | 398756b0e97baca2ba7fbbb4fa97744e4b15ba25b03b8b8c2e6bd43252fc3da5 | Triage

Sharing

General

Target

031a7c376cebe22c6899ae4253f8a189.elf
Size

113KB
Sample

230316-1yxctsfc21
MD5

031a7c376cebe22c6899ae4253f8a189
SHA1

c412f312fef22984242f46f05a88df2b34148ebf
SHA256

398756b0e97baca2ba7fbbb4fa97744e4b15ba25b03b8b8c2e6bd43252fc3da5
SHA512

6a7e7fa0cd63127e9f77e6c6d5a935aa7542724eaba38c2a6df55337f9f4fb3ddcf096effd08cd1532255e40102ce0bb81fd27fa70362422cdec7dc84a6a33b4
SSDEEP

3072:C/4g3Kd1rU5hZmxgA9OKdwwjF9GhsR1Ae:O9anU5hZLHKdwwjF9GhsR1Ae

Score

10^/10

gafgyt

Malware Config

Targets

- Target
  
  031a7c376cebe22c6899ae4253f8a189.elf
- Size
  
  113KB
- MD5
  
  031a7c376cebe22c6899ae4253f8a189
- SHA1
  
  c412f312fef22984242f46f05a88df2b34148ebf
- SHA256
  
  398756b0e97baca2ba7fbbb4fa97744e4b15ba25b03b8b8c2e6bd43252fc3da5
- SHA512
  
  6a7e7fa0cd63127e9f77e6c6d5a935aa7542724eaba38c2a6df55337f9f4fb3ddcf096effd08cd1532255e40102ce0bb81fd27fa70362422cdec7dc84a6a33b4
- SSDEEP
  
  3072:C/4g3Kd1rU5hZmxgA9OKdwwjF9GhsR1Ae:O9anU5hZLHKdwwjF9GhsR1Ae
Score

7^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1