gafgyt | a8056b641b9fa87d1310c757a9e329ac268f2e2d987b2e1aea16ded05ecc062c | Triage

Sharing

General

Target

Pandora.x86.elf
Size

100KB
Sample

230319-jgd2gsfd96
MD5

8541392c5263ffca86dd1b0820709e00
SHA1

705a1c7fa631d7075aa40949ff317c0b29b164f1
SHA256

a8056b641b9fa87d1310c757a9e329ac268f2e2d987b2e1aea16ded05ecc062c
SHA512

3e6d9906ba2c22a90a4deb7e5ab9343fe368f66dbcf5f56a847e581de6a35f1929d7e13bb25a97a6b3bf02354d92448c394daf9c50a11ebec7fac06abee79d4d
SSDEEP

3072:Vn2nW3WPWximT8o7yS9LRk3u4QphaRdmHyVQX5A+u+cm:hxyS5FphaRdmHyVQX5A+u+cm

Score

10^/10

gafgyt linux

Malware Config

Targets

- Target
  
  Pandora.x86.elf
- Size
  
  100KB
- MD5
  
  8541392c5263ffca86dd1b0820709e00
- SHA1
  
  705a1c7fa631d7075aa40949ff317c0b29b164f1
- SHA256
  
  a8056b641b9fa87d1310c757a9e329ac268f2e2d987b2e1aea16ded05ecc062c
- SHA512
  
  3e6d9906ba2c22a90a4deb7e5ab9343fe368f66dbcf5f56a847e581de6a35f1929d7e13bb25a97a6b3bf02354d92448c394daf9c50a11ebec7fac06abee79d4d
- SSDEEP
  
  3072:Vn2nW3WPWximT8o7yS9LRk3u4QphaRdmHyVQX5A+u+cm:hxyS5FphaRdmHyVQX5A+u+cm
Score

8^/10
- Writes DNS configuration
  Writes data to DNS resolver config file.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Dynamic Resolution

Impact

Tasks

static1

behavioral1