gafgyt | 28bd5e32b7cb282b7374a6bbe6fad56b9266227f2210dc38a63c6fbdb98dd101 | Triage

Submit
Reports

Overview

overview

Static

static

2ce5eb2235...6d.elf

ubuntu-18.04-amd64

7

Sharing

General

Target

a4ea13ef051384e3aac26c8bd3a2fb40.bin
Size

40KB
Sample

230321-b2mkcsac4w
MD5

cb9d3b574503c6871db0a8a46e06296a
SHA1

393f95d0f9a409a8362326ee5dc41e27193f505b
SHA256

28bd5e32b7cb282b7374a6bbe6fad56b9266227f2210dc38a63c6fbdb98dd101
SHA512

a8121351664e53120e9e61bfb1c8968f9538a44bfcaafe0a9b4618d418ac490f4f13d8fa8d4b6e82c310aaf0966feaaea26963fcf7337b6d7f71abab5216ea16
SSDEEP

768:ImecYhL5J43fOdjHp62u+IhuMsVP0OOBjEkxojaHV0dLWVcKD82:ImetL5J43fOdjE2m3sw7AS0dLna82

Score

10^/10

gafgyt linux

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2ce5eb2235aaf5476213a6dcdc7627524fd9a134b81dfda3e857b24f300ccc6d.elf

Resource

ubuntu1804-amd64-20221111-en

ubuntu-18.04-amd64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  2ce5eb2235aaf5476213a6dcdc7627524fd9a134b81dfda3e857b24f300ccc6d.elf
- Size
  
  91KB
- MD5
  
  a4ea13ef051384e3aac26c8bd3a2fb40
- SHA1
  
  532bf97ed3feb029c94763ce3abf2cf97dfa1e7c
- SHA256
  
  2ce5eb2235aaf5476213a6dcdc7627524fd9a134b81dfda3e857b24f300ccc6d
- SHA512
  
  274cf6b7e444435806ff75bc3d847d3ad17c70b7f1da07932ca704f4fefe2d39ebae03af770816e88a6cea9cf3095b9ddc9ff14640e6ef92cb237a871aa67d87
- SSDEEP
  
  1536:p7rHXokXsWFVSzkfLEkZAT5ipG5v3CphauH/VPNlDDUg6I9um2Xj5YZb0e:pcCPOkfQfNipGdCphaE/XVog99um2XFY
Score

7^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy