gafgyt | 96aad138ba334d9ed86a91c7796ccc66ede30c8e873c59f437949b968cf00bf5 | Triage

Sharing

General

Target

1be8a48ca86d7b20de352f8423342a26.elf
Size

110KB
Sample

230318-wva8zafc91
MD5

1be8a48ca86d7b20de352f8423342a26
SHA1

4936874800ad86ea8002e2656b9561cc591f8700
SHA256

96aad138ba334d9ed86a91c7796ccc66ede30c8e873c59f437949b968cf00bf5
SHA512

23cc66ca9fe7a26bf977641705cc2b51cf278bf609fa0c867cab165a8c845cf9e56cce5793a252cde2d1d1a9486e6ae04788cb8a2f67337b8e47ae14bbb6bd7a
SSDEEP

1536:ZLeTikthhSMOCMQS+ZjN4pjuIxreg2OXN2eDo/TUmkiSFxfC7xbXe:ZhHC3S+dUremNTDiTUmkiSFxfKxbXe

Score

10^/10

gafgyt

Malware Config

Targets

- Target
  
  1be8a48ca86d7b20de352f8423342a26.elf
- Size
  
  110KB
- MD5
  
  1be8a48ca86d7b20de352f8423342a26
- SHA1
  
  4936874800ad86ea8002e2656b9561cc591f8700
- SHA256
  
  96aad138ba334d9ed86a91c7796ccc66ede30c8e873c59f437949b968cf00bf5
- SHA512
  
  23cc66ca9fe7a26bf977641705cc2b51cf278bf609fa0c867cab165a8c845cf9e56cce5793a252cde2d1d1a9486e6ae04788cb8a2f67337b8e47ae14bbb6bd7a
- SSDEEP
  
  1536:ZLeTikthhSMOCMQS+ZjN4pjuIxreg2OXN2eDo/TUmkiSFxfC7xbXe:ZhHC3S+dUremNTDiTUmkiSFxfKxbXe
Score

7^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1