gafgyt | b0916d00db4cd9eb5b1be86e30cf5de5d9865ba66fb2c247700aa1b663f2bce6 | Triage

Sharing

General

Target

284b1df82b394743703ba050cf750552.elf
Size

118KB
Sample

230316-2jslrsdb76
MD5

284b1df82b394743703ba050cf750552
SHA1

c215ec33649e2ddf1db52586437e4170c407e5bf
SHA256

b0916d00db4cd9eb5b1be86e30cf5de5d9865ba66fb2c247700aa1b663f2bce6
SHA512

2121fbe34ef998bc620f53c18a029b4b373c783593a3b984b0206d25cd6dbc5429815539564441f4503171d6515ab096d84607008289fed035a594b15f4e94a1
SSDEEP

3072:ekYPUfsgnsb0J2ag/Vf8kDN0dn+mTQOY5NX3cn:9YPUfsgEo2a08kDy+mTQOY5R3cn

Score

10^/10

gafgyt

Malware Config

Targets

- Target
  
  284b1df82b394743703ba050cf750552.elf
- Size
  
  118KB
- MD5
  
  284b1df82b394743703ba050cf750552
- SHA1
  
  c215ec33649e2ddf1db52586437e4170c407e5bf
- SHA256
  
  b0916d00db4cd9eb5b1be86e30cf5de5d9865ba66fb2c247700aa1b663f2bce6
- SHA512
  
  2121fbe34ef998bc620f53c18a029b4b373c783593a3b984b0206d25cd6dbc5429815539564441f4503171d6515ab096d84607008289fed035a594b15f4e94a1
- SSDEEP
  
  3072:ekYPUfsgnsb0J2ag/Vf8kDN0dn+mTQOY5NX3cn:9YPUfsgEo2a08kDy+mTQOY5R3cn
Score

7^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1