gafgyt | 084c722d5807ff9624ed07e5eec95326ed46f58e35772882c94561e53b32c013 | Triage

Sharing

General

Target

b54ce075be65da6c9eec89e607d6fc56.elf
Size

165KB
Sample

230319-j9kdzahf9y
MD5

b54ce075be65da6c9eec89e607d6fc56
SHA1

ece8cb19db726a9a5683332e098c7095661e6155
SHA256

084c722d5807ff9624ed07e5eec95326ed46f58e35772882c94561e53b32c013
SHA512

0c47b03472b0e8b3ebf171d2df39b66a8496e316dd40afc3dc668d3c67e785de722022297da3f325430a6f229c12299a8a21d76fba3156d3c41c037c7206e7b6
SSDEEP

3072:JG/rmPd3pGeQj+UcH1rkr8AawXFBD0chCmlmkgDY345hAsPN7xM/9/FECmQw9B1t:9H1rk4AawXFBYchX9gDx5hAsPNtM/9dU

Score

10^/10

gafgyt

Malware Config

Targets

- Target
  
  b54ce075be65da6c9eec89e607d6fc56.elf
- Size
  
  165KB
- MD5
  
  b54ce075be65da6c9eec89e607d6fc56
- SHA1
  
  ece8cb19db726a9a5683332e098c7095661e6155
- SHA256
  
  084c722d5807ff9624ed07e5eec95326ed46f58e35772882c94561e53b32c013
- SHA512
  
  0c47b03472b0e8b3ebf171d2df39b66a8496e316dd40afc3dc668d3c67e785de722022297da3f325430a6f229c12299a8a21d76fba3156d3c41c037c7206e7b6
- SSDEEP
  
  3072:JG/rmPd3pGeQj+UcH1rkr8AawXFBD0chCmlmkgDY345hAsPN7xM/9/FECmQw9B1t:9H1rk4AawXFBYchX9gDx5hAsPNtM/9dU
Score

8^/10
- Writes DNS configuration
  Writes data to DNS resolver config file.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Dynamic Resolution

Impact

Tasks

static1

behavioral1