gafgyt | dbd864147c9adf7522c49647d962cd8532383651f14d5e729a7754d7e6ccf517 | Triage

Sharing

General

Target

0f30f9075e6520891f50d1a15a0f49a1.elf
Size

90KB
Sample

230318-af2lqace7w
MD5

0f30f9075e6520891f50d1a15a0f49a1
SHA1

472cc2b4f051519154492608a6931719273359bd
SHA256

dbd864147c9adf7522c49647d962cd8532383651f14d5e729a7754d7e6ccf517
SHA512

e20b91b50b169630c7b69988ee4aed1f2d52b35bdc675bd9bd93b788e355b6de1b0a4c86091168e659cb9695873bf4f600bde4d9d2e64454f9057b17cbfe2fc8
SSDEEP

1536:W7WREyqkQc923v2uNi7pNF+BoD3nphanvn00JFmoI5um2Xj5YZA0e:4RkQT3v9EbYBo7nphanvn00bmr5um2Xx

Score

10^/10

gafgyt linux

Malware Config

Targets

- Target
  
  0f30f9075e6520891f50d1a15a0f49a1.elf
- Size
  
  90KB
- MD5
  
  0f30f9075e6520891f50d1a15a0f49a1
- SHA1
  
  472cc2b4f051519154492608a6931719273359bd
- SHA256
  
  dbd864147c9adf7522c49647d962cd8532383651f14d5e729a7754d7e6ccf517
- SHA512
  
  e20b91b50b169630c7b69988ee4aed1f2d52b35bdc675bd9bd93b788e355b6de1b0a4c86091168e659cb9695873bf4f600bde4d9d2e64454f9057b17cbfe2fc8
- SSDEEP
  
  1536:W7WREyqkQc923v2uNi7pNF+BoD3nphanvn00JFmoI5um2Xj5YZA0e:4RkQT3v9EbYBo7nphanvn00bmr5um2Xx
Score

7^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1