gafgyt | 8b62c2319ad4465f3b93118082a9d840b5409b776dced575e26787a2139831a4 | Triage

Submit
Reports

Overview

overview

Static

static

83effb108b...fb.elf

debian-9-mipsel

7

Sharing

General

Target

83effb108b0d2ea5682d60692bf4ac6cf6e851e5a7bdf67ffb546ef174ffe4fb.zip
Size

39KB
Sample

230321-rykjlabb65
MD5

991d5b11cc9ce5cedb412938726e2891
SHA1

7e3f1eef8671ff3c94ce6e274ee26240b1bc9a5c
SHA256

8b62c2319ad4465f3b93118082a9d840b5409b776dced575e26787a2139831a4
SHA512

f48e1bdb62656321a5b98f89b26a2cfcd564402cc524ef30003ce25ff9b74aefa944c2e7bf17bd1f91f47e474e938ed09fee7a38d5da835b9a9badf5bed2ef22
SSDEEP

768:k1CR7uEphoBIkTNChrCNCsWtdGXtKDvnBU89jTBvwBDd/Bx8rfC:8CRF8BIkTNlNCNGX2W8SWG

Score

10^/10

gafgyt

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

83effb108b0d2ea5682d60692bf4ac6cf6e851e5a7bdf67ffb546ef174ffe4fb.elf

Resource

debian9-mipsel-en-20211208

debian-9-mipsel

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  83effb108b0d2ea5682d60692bf4ac6cf6e851e5a7bdf67ffb546ef174ffe4fb.elf
- Size
  
  110KB
- MD5
  
  3ef2400e0fc443e5747b5c01446b4c3e
- SHA1
  
  41613c9f1a6ef2de688225a2022f9c6c74ce2739
- SHA256
  
  83effb108b0d2ea5682d60692bf4ac6cf6e851e5a7bdf67ffb546ef174ffe4fb
- SHA512
  
  eed78297fc6b3c01cb95d925131b5a33b11b0a0fc0f7f313e7c5035a987107ee78da561e5b4774e0aadb391b8f679177cbc611ca53e94b60893fe86a93e7a4de
- SSDEEP
  
  1536:ZLeTikthhSMOCMQS+ZjN4pjuIxreg2OrN2eDo/TUmkiSFxfC7xbXe:ZhHC3S+dUreiNTDiTUmkiSFxfKxbXe
Score

7^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy