gafgyt | 134eb8c5cc6e53f6a5754e97d34cfa46a4d2b1c9c37a4455769e43cc0309fee1 | Triage

Sharing

General

Target

9aef69241cf3bbe78dc1746f13f387a7.elf
Size

148KB
Sample

230317-pjwxzagb66
MD5

9aef69241cf3bbe78dc1746f13f387a7
SHA1

3b594d9f58cb9106cc25cf385194761ddb15f635
SHA256

134eb8c5cc6e53f6a5754e97d34cfa46a4d2b1c9c37a4455769e43cc0309fee1
SHA512

a5ab160c5c4bc7680e439ae4b7270ba7dcccc20cd274ed9bc2b4811e6c0e3069a2b6469461dceaff45ea7fa5d9cf91c9037031daa72cfe1a87e68f9670e9fb4b
SSDEEP

1536:bVeTpqCVvWRYx0O9vPBysZgvsgxqAz/0ufMytVhpLtaoLAImlP+s4zWfOodW:byvWmBx+sK/PflXgImlWs4zWfOodW

Score

10^/10

gafgyt

Malware Config

Targets

- Target
  
  9aef69241cf3bbe78dc1746f13f387a7.elf
- Size
  
  148KB
- MD5
  
  9aef69241cf3bbe78dc1746f13f387a7
- SHA1
  
  3b594d9f58cb9106cc25cf385194761ddb15f635
- SHA256
  
  134eb8c5cc6e53f6a5754e97d34cfa46a4d2b1c9c37a4455769e43cc0309fee1
- SHA512
  
  a5ab160c5c4bc7680e439ae4b7270ba7dcccc20cd274ed9bc2b4811e6c0e3069a2b6469461dceaff45ea7fa5d9cf91c9037031daa72cfe1a87e68f9670e9fb4b
- SSDEEP
  
  1536:bVeTpqCVvWRYx0O9vPBysZgvsgxqAz/0ufMytVhpLtaoLAImlP+s4zWfOodW:byvWmBx+sK/PflXgImlWs4zWfOodW
Score

9^/10
- Modifies the Watchdog daemon
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1