gafgyt | bb5c962e9ef698bba67a22372b677e764c785bc69e8da343eafb9ad315208402 | Triage

Submit
Reports

Overview

overview

Static

static

4f65bdb5fa...80.elf

ubuntu-18.04-amd64

7

Sharing

General

Target

e0f4b2c195634626c31fbca8f7ef9a98.bin
Size

38KB
Sample

230320-b5k6psbb95
MD5

95b8d5090e1ed50be6b64e44f618e991
SHA1

5a4568e2009b033a1479a646d79785461e932f91
SHA256

bb5c962e9ef698bba67a22372b677e764c785bc69e8da343eafb9ad315208402
SHA512

e998e777b8ec0670e292ff681f90981e4f71fd2eacc7b39583324d0a6f621bc43645f78453bb6398daf26eef4721ef85ee68c0775b41efdd4765c2306684345c
SSDEEP

768:qwfZGBhbK05JrLK4zOpVXcibdfPj5Py+vtIQw54H8Ylb6fsiS3n:qwEK05JrLK4ipVMKdPjpRDs4H8QcbS3

Score

10^/10

gafgyt linux

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

4f65bdb5fa27a5a73e9dfe963fbc785e66ebba56093b30b259f72e5379fa3380.elf

Resource

ubuntu1804-amd64-20221111-en

ubuntu-18.04-amd64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  4f65bdb5fa27a5a73e9dfe963fbc785e66ebba56093b30b259f72e5379fa3380.elf
- Size
  
  83KB
- MD5
  
  e0f4b2c195634626c31fbca8f7ef9a98
- SHA1
  
  a093bfbdd3b4a25f8a96d413a601af88d3916450
- SHA256
  
  4f65bdb5fa27a5a73e9dfe963fbc785e66ebba56093b30b259f72e5379fa3380
- SHA512
  
  a3f77e2ae9eba60657c4cc4334b02de79b8cc2e8bfaa5d8f9a606fcd9155be625cde2b42e063e7b8b2c0252346be21aa5e71b93e809791f979d4a3166fc861de
- SSDEEP
  
  1536:UB7crF7FePF5tZuEqdPUq0aJb9sqx3CjrM3X+uWIr8UmoIYuOVje+ZNne:URQFet5O7dPr0oSwyjr4X+uDnmrYuOVA
Score

7^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy