gafgyt | a232955b89eeedfef11353e3a0390f2779f27e5d9525672b210beb7ef955ed52 | Triage

Sharing

General

Target

2fec705ce6ccc1b5b50be9e912e62381.elf
Size

148KB
Sample

230317-kywtasfc72
MD5

2fec705ce6ccc1b5b50be9e912e62381
SHA1

389367a74df1271745f5942656a45a5477da8862
SHA256

a232955b89eeedfef11353e3a0390f2779f27e5d9525672b210beb7ef955ed52
SHA512

192c8277b4c5dfcc0f165feba2cf1684878c6653f80a2c34b7ce5e379d3ef795078c4818c732b6f639937c2a00ca33050d6ec7138aa124dd732087b5b7a78ad6
SSDEEP

1536:bVeTpqCVvWRYx0O9vPBysZgvsgxqAz/0ufMytVHpLtaoLAImlP+s4zWfOodW:byvWmBx+sK/Pfl9gImlWs4zWfOodW

Score

10^/10

gafgyt

Malware Config

Targets

- Target
  
  2fec705ce6ccc1b5b50be9e912e62381.elf
- Size
  
  148KB
- MD5
  
  2fec705ce6ccc1b5b50be9e912e62381
- SHA1
  
  389367a74df1271745f5942656a45a5477da8862
- SHA256
  
  a232955b89eeedfef11353e3a0390f2779f27e5d9525672b210beb7ef955ed52
- SHA512
  
  192c8277b4c5dfcc0f165feba2cf1684878c6653f80a2c34b7ce5e379d3ef795078c4818c732b6f639937c2a00ca33050d6ec7138aa124dd732087b5b7a78ad6
- SSDEEP
  
  1536:bVeTpqCVvWRYx0O9vPBysZgvsgxqAz/0ufMytVHpLtaoLAImlP+s4zWfOodW:byvWmBx+sK/Pfl9gImlWs4zWfOodW
Score

9^/10
- Modifies the Watchdog daemon
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1