gafgyt | ba99da4ae8364f9ae7728c7ea4a9600f2b923e3261f897031d27412b16d8f596 | Triage

Submit
Reports

Overview

overview

Static

static

345af30747...03.elf

debian-9-mips

7

Sharing

General

Target

1a734753f7d86583ead3dd3c3ec6ee1d.bin
Size

39KB
Sample

230321-bc75rsgb34
MD5

486f0b3d8ccb84aa1bc841071d49ad51
SHA1

52b83bfafead333e9ebb8510b52905e5360cc72c
SHA256

ba99da4ae8364f9ae7728c7ea4a9600f2b923e3261f897031d27412b16d8f596
SHA512

0d1d8992f8fa1432bc0b407021f5ad18f56bddfd3f15494914bca5367b6613000308062060f829963f3ff4ce06b373cb6161dc8a142a14fa8a75e40253a559be
SSDEEP

768:QHRngQDPG3pRI9tcDgwHUWsxrlDb3xaIMiQntxV0/IB7aLwd2I2j6ZiJCDq6/r08:QxvPQO7xLJQkwBmsd2I2j6ZDJK0

Score

10^/10

gafgyt

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

345af30747e6bc29131d37896094eee96e0255ad157d0a1d688f732bb3d60303.elf

Resource

debian9-mipsbe-en-20211208

debian-9-mips

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  345af30747e6bc29131d37896094eee96e0255ad157d0a1d688f732bb3d60303.elf
- Size
  
  106KB
- MD5
  
  1a734753f7d86583ead3dd3c3ec6ee1d
- SHA1
  
  157dd487f87ddf8583b15216691bed6e383a11d2
- SHA256
  
  345af30747e6bc29131d37896094eee96e0255ad157d0a1d688f732bb3d60303
- SHA512
  
  54e6142e522409b7e9e2dcc43bf1c505775406ffdd3761487cbf3a948ef3542f31de92a375e05f8ae0080b405aa755c1c404ff3cf0e6d34fbcf11fa834f272b9
- SSDEEP
  
  1536:27j+1Tohq+XZ6NDmGf/Yo7exVXMIMNeUdPIUmkiIF8iCKrmne:hK4f/YrcIMrPIUmkiIF8iPrmne
Score

7^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy