gafgyt | 8b6e843482a9249cf62e7a3227a40ea100193ea565a72f7493e508fb619ced01 | Triage

Sharing

General

Target

b9b47eee63fdb5c0b7e505f1aeb59fca.elf
Size

148KB
Sample

230317-kybhcshc7z
MD5

b9b47eee63fdb5c0b7e505f1aeb59fca
SHA1

5a96c395fe6dc4544580910670b88eefcbefcb6f
SHA256

8b6e843482a9249cf62e7a3227a40ea100193ea565a72f7493e508fb619ced01
SHA512

5f336d8afb60ed4f10b3c002f276543af9791514364dda35adf1f84a6cea542071192607ef56ed0a94c544fec6530fd9e80d360c7ae160de874e28e6b0dacaae
SSDEEP

1536:mVNs7K797V+nv57gbj6l6T6B6v6N6/6AePe1ebeZe5bwClA2rKQA1dXAQTI/e0hd:vY01ZkXAQT4NU9//ImlWs4zWfOodW

Score

10^/10

gafgyt

Malware Config

Targets

- Target
  
  b9b47eee63fdb5c0b7e505f1aeb59fca.elf
- Size
  
  148KB
- MD5
  
  b9b47eee63fdb5c0b7e505f1aeb59fca
- SHA1
  
  5a96c395fe6dc4544580910670b88eefcbefcb6f
- SHA256
  
  8b6e843482a9249cf62e7a3227a40ea100193ea565a72f7493e508fb619ced01
- SHA512
  
  5f336d8afb60ed4f10b3c002f276543af9791514364dda35adf1f84a6cea542071192607ef56ed0a94c544fec6530fd9e80d360c7ae160de874e28e6b0dacaae
- SSDEEP
  
  1536:mVNs7K797V+nv57gbj6l6T6B6v6N6/6AePe1ebeZe5bwClA2rKQA1dXAQTI/e0hd:vY01ZkXAQT4NU9//ImlWs4zWfOodW
Score

9^/10
- Modifies the Watchdog daemon
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1