gafgyt | 20ce50691d1bebb2bfac1163445d895ac585f32bd72aa0c15c0f28a3d3b9407a | Triage

Sharing

General

Target

12fcc4ba53dcdf548c4c0c6d2f0657b3.elf
Size

134KB
Sample

230319-j9j37shf9t
MD5

12fcc4ba53dcdf548c4c0c6d2f0657b3
SHA1

ad5624edf5b733ac6c718c813924e540cce74575
SHA256

20ce50691d1bebb2bfac1163445d895ac585f32bd72aa0c15c0f28a3d3b9407a
SHA512

4496bc5bcd8f66aa7228ddffe4bbab0d2faa2b850b91cd8d7b174fd46cfda085487d6dcf3838faa982e56bed423939528a632f786514efbb20357d553d2bde8e
SSDEEP

3072:A04EFxWKgY381yU5hv73WVzhF3xemqY1fuBmvm:A0yY3+yU5hvD0zhF3xemqY1fuBmvm

Score

10^/10

gafgyt

Malware Config

Targets

- Target
  
  12fcc4ba53dcdf548c4c0c6d2f0657b3.elf
- Size
  
  134KB
- MD5
  
  12fcc4ba53dcdf548c4c0c6d2f0657b3
- SHA1
  
  ad5624edf5b733ac6c718c813924e540cce74575
- SHA256
  
  20ce50691d1bebb2bfac1163445d895ac585f32bd72aa0c15c0f28a3d3b9407a
- SHA512
  
  4496bc5bcd8f66aa7228ddffe4bbab0d2faa2b850b91cd8d7b174fd46cfda085487d6dcf3838faa982e56bed423939528a632f786514efbb20357d553d2bde8e
- SSDEEP
  
  3072:A04EFxWKgY381yU5hv73WVzhF3xemqY1fuBmvm:A0yY3+yU5hvD0zhF3xemqY1fuBmvm
Score

8^/10
- Writes DNS configuration
  Writes data to DNS resolver config file.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Dynamic Resolution

Impact

Tasks

static1

behavioral1