gafgyt | b46ce30f9d7c1f3f2b2bb9b315cebbb34fde07476925f726dbf1625968392ca2 | Triage

Submit
Reports

Overview

overview

Static

static

96aad138ba...f5.elf

debian-9-mipsel

7

Sharing

General

Target

1be8a48ca86d7b20de352f8423342a26.bin
Size

39KB
Sample

230320-bgmdvsba42
MD5

9b52c310580bda464dc2ef22c46c3006
SHA1

2a6c87cced094da5405c3ff208ce503444adc168
SHA256

b46ce30f9d7c1f3f2b2bb9b315cebbb34fde07476925f726dbf1625968392ca2
SHA512

27afc187ea81cae2f90d8ab9c0761e5b048ef4e6272fa02261e53df792fd4b910b23eb49026ef09e91b509f8a1c0b3ac3bb199efd2fbfc188e60ebcc13dd79af
SSDEEP

768:JZrUTLQXzQwl6mokpS9C7u6tiodjxn14RCHQCjkN2E/miZP2ToSy/bppKM:JpUdmo+SM7u64oHHLjkN2AmiYTQppX

Score

10^/10

gafgyt

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

96aad138ba334d9ed86a91c7796ccc66ede30c8e873c59f437949b968cf00bf5.elf

Resource

debian9-mipsel-20221111-en

debian-9-mipsel

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  96aad138ba334d9ed86a91c7796ccc66ede30c8e873c59f437949b968cf00bf5.elf
- Size
  
  110KB
- MD5
  
  1be8a48ca86d7b20de352f8423342a26
- SHA1
  
  4936874800ad86ea8002e2656b9561cc591f8700
- SHA256
  
  96aad138ba334d9ed86a91c7796ccc66ede30c8e873c59f437949b968cf00bf5
- SHA512
  
  23cc66ca9fe7a26bf977641705cc2b51cf278bf609fa0c867cab165a8c845cf9e56cce5793a252cde2d1d1a9486e6ae04788cb8a2f67337b8e47ae14bbb6bd7a
- SSDEEP
  
  1536:ZLeTikthhSMOCMQS+ZjN4pjuIxreg2OXN2eDo/TUmkiSFxfC7xbXe:ZhHC3S+dUremNTDiTUmkiSFxfKxbXe
Score

7^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy