gafgyt | 3bfb0ced2d2a9b855154f606d7251d9daaa0054df0fc995bd2066c75f195e07c | Triage

Submit
Reports

Overview

overview

Static

static

d19868450f...7c.elf

debian-9-mipsel

7

Sharing

General

Target

61f0f089e64dc49c81f36c3765295798.bin
Size

46KB
Sample

230326-bvgersfa72
MD5

661a82ef057e8ea9cc14bea27cb82067
SHA1

910fb9f182c18d4bd33e53ef775e5719f616b4b5
SHA256

3bfb0ced2d2a9b855154f606d7251d9daaa0054df0fc995bd2066c75f195e07c
SHA512

8bf7a6099c64bcee7b4a41eccbad11e77f38fc668573430d3ee7af6526fc8ae21e3b0ab29cb0a4617ddad40b3acc2e2ea59706446d07874576356f443d90426a
SSDEEP

768:3l8SF6K8fN/oVhnNTHI88hZn65Yrhpsf+3Wsgz8UKZIHBdJGf/c3Mqlo2t5xughd:mSF6hfN/qhH2Hn65YFpsfPsgzlKSo/w9

Score

10^/10

gafgyt

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

d19868450fa290924c1f1c53c0843b98ccb33c90c83439ba2bb623d6b870d27c.elf

Resource

debian9-mipsel-20221111-en

debian-9-mipsel

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  d19868450fa290924c1f1c53c0843b98ccb33c90c83439ba2bb623d6b870d27c.elf
- Size
  
  152KB
- MD5
  
  61f0f089e64dc49c81f36c3765295798
- SHA1
  
  2faecfe735fcf82fc2aa9f3d65ae9218fd0725cc
- SHA256
  
  d19868450fa290924c1f1c53c0843b98ccb33c90c83439ba2bb623d6b870d27c
- SHA512
  
  59cc7c603e0cf97d4a9ed460aa662e42df1fe92ea91bc2415bef97be88b23ba60cfa98be9369fb0eebfc55c64e39473657ac2aaaae0bc0162cc59ae6e86a4353
- SSDEEP
  
  1536:VveTEaqPFvpANUoMBa1ZYylww/0ezOQllv5hFZdMyl1h7dwwUF91xf1zlwe:VFz7o11NvKO5hFvl1h7dwwUF91x9zlwe
Score

7^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy