gafgyt | a043506afa651856512dcd8edcf31e096ec34a95f898f9b0464470dc818a3740 | Triage

Submit
Reports

Overview

overview

Static

static

1e1407dc61...10.elf

debian-9-armhf

7

Sharing

General

Target

1e1407dc61d3ec7033a114ac3d7f40b31c766f3ea0d4c1ee39067e7c703b0a10.zip
Size

64KB
Sample

230321-ryj8tsbb62
MD5

1fee868a77a108ebcd7686b3a57747d9
SHA1

c6304511bd1355131d05f9b8a9b57bba06ed64c7
SHA256

a043506afa651856512dcd8edcf31e096ec34a95f898f9b0464470dc818a3740
SHA512

38955b1e812d7c6aac992c2a1af4d587a1321e3e4d8a129463f3205be16808eaaa59534835296a9881b59157a6771b1ea638796af9c11c2da7e1aa08714b2f0c
SSDEEP

1536:y3zMTNy6vYyrgn6RmG07t4Wyx+XLIcpfPi6WZj+fU6claerVAnKRrEHW:wzMYDn6gZdX/wQlYhAnKRrE2

Score

10^/10

gafgyt

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

1e1407dc61d3ec7033a114ac3d7f40b31c766f3ea0d4c1ee39067e7c703b0a10.elf

Resource

debian9-armhf-20221111-en

debian-9-armhf

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  1e1407dc61d3ec7033a114ac3d7f40b31c766f3ea0d4c1ee39067e7c703b0a10.elf
- Size
  
  146KB
- MD5
  
  689c3bafc42d8dbdce224fd260d096a7
- SHA1
  
  ec4105d86535970dfe956de7d226d3c7a7c2e906
- SHA256
  
  1e1407dc61d3ec7033a114ac3d7f40b31c766f3ea0d4c1ee39067e7c703b0a10
- SHA512
  
  5e140d13eb46c875700a91795e989ec49828d98494b37c0c368d3c4f66609a5df009b556fec89fb1aa3697847c7a661244c77b440c8bab069f089e9a1489cd79
- SSDEEP
  
  3072:fuNaNpF4uVN++dkhnxKQennF4M/9OD4bNWkE1kmpwfvRQfZn:mNaNpF4+NChngQennCM/9ekmpwfvafZn
Score

7^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy