gafgyt | 59b78ec480b83c653feeae842d046cf28c854fa313fa5f671887d7991887bb91 | Triage

Submit
Reports

Overview

overview

Static

static

08f4b1b8b3...67.elf

debian-9-mipsel

7

Sharing

General

Target

188df51e04c8ea969a3faa68d3a381da.bin
Size

42KB
Sample

230316-g928nshd59
MD5

c4b01471520f6afc7b5bd14163eb1bdb
SHA1

9ba2a9ac970a083fc790e2feb4c0ec5379696e23
SHA256

59b78ec480b83c653feeae842d046cf28c854fa313fa5f671887d7991887bb91
SHA512

7f06dba51a35ede4e06b778e719ba335b2259c9f062ed9b5f5847a12e3fb9e0aab53e11eb2c20d48af87d90911b3aa7be5a633c911a38714f2a03f60af188378
SSDEEP

768:Aoxuqa4hpqnuDuI/XYV14fhcZTNX2lf8uCXF/JI9ItfZwB76LYObG:Ao4qa4hdjYV14fhcNQfqXFJoILwUdbG

Score

10^/10

gafgyt

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

08f4b1b8b374aff85014928f6dbeba6cc8e2bd261d2bf6e729188f2d5196bd67.elf

Resource

debian9-mipsel-20221111-en

debian-9-mipsel

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  08f4b1b8b374aff85014928f6dbeba6cc8e2bd261d2bf6e729188f2d5196bd67.elf
- Size
  
  123KB
- MD5
  
  188df51e04c8ea969a3faa68d3a381da
- SHA1
  
  770d01603311d5c68af08d82126220a227e7c06d
- SHA256
  
  08f4b1b8b374aff85014928f6dbeba6cc8e2bd261d2bf6e729188f2d5196bd67
- SHA512
  
  1dd2fdfc75c8c9f2c70062b47ab00ed7a969e855961b100904e556dc58f8ad349a4145c054f6cb1077355b3658033b38a81a00be3774d5170aecf6c5b9a2fd13
- SSDEEP
  
  1536:/UHeTsCAms/Y8Zm3lKYA43gMJwSkJ8Epw+DzUh8rmW+IFB1Df11hR/:/U1LqAmgMJM8E2+Dw8rmW+IFB1Dt1hR/
Score

7^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy