gafgyt | 01f9ea3bf94bec3c4bb8cffc0f85a8d7e31d3fbda9a6f009765a4efc088bf5b4 | Triage

Sharing

General

Target

757e3005abef1b945ff3062d4a4c84e9.elf
Size

148KB
Sample

230317-k7b59ahd3y
MD5

757e3005abef1b945ff3062d4a4c84e9
SHA1

31d75fb0223b9349eb02058bc91786feced03680
SHA256

01f9ea3bf94bec3c4bb8cffc0f85a8d7e31d3fbda9a6f009765a4efc088bf5b4
SHA512

dfe4734e0b9763ef5868aa7cc4bf089022780ad6d0a530d63b1eb6ccacd13376382f02e47cde29df2b278f2554dfc8315ec42080a303c5cb195544a482e64fbf
SSDEEP

1536:mVNs7K797V+nv57gbj6l6T6B6v6N6/6AePe1ebeZe5bwClA2rKQA1dXAQTI/e0hu:vY01ZkXAQT4Nf9//ImlWs4zWfOodW

Score

10^/10

gafgyt

Malware Config

Targets

- Target
  
  757e3005abef1b945ff3062d4a4c84e9.elf
- Size
  
  148KB
- MD5
  
  757e3005abef1b945ff3062d4a4c84e9
- SHA1
  
  31d75fb0223b9349eb02058bc91786feced03680
- SHA256
  
  01f9ea3bf94bec3c4bb8cffc0f85a8d7e31d3fbda9a6f009765a4efc088bf5b4
- SHA512
  
  dfe4734e0b9763ef5868aa7cc4bf089022780ad6d0a530d63b1eb6ccacd13376382f02e47cde29df2b278f2554dfc8315ec42080a303c5cb195544a482e64fbf
- SSDEEP
  
  1536:mVNs7K797V+nv57gbj6l6T6B6v6N6/6AePe1ebeZe5bwClA2rKQA1dXAQTI/e0hu:vY01ZkXAQT4Nf9//ImlWs4zWfOodW
Score

9^/10
- Modifies the Watchdog daemon
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1