gafgyt | 7b70b72e033611fd105296f7fbb5bb96316a540d57bec89b62799c03b43f635c | Triage

Submit
Reports

Overview

overview

Static

static

088bc83f3c...bf.elf

debian-9-mipsel

7

Sharing

General

Target

5b520d742218be4766fc0806b5e6879f.bin
Size

39KB
Sample

230327-bym2qaba39
MD5

19ee6e71a941861e0bb8221859583ecc
SHA1

7e386d0940b1ca20dfa882a05a0b8ad729720ea8
SHA256

7b70b72e033611fd105296f7fbb5bb96316a540d57bec89b62799c03b43f635c
SHA512

8a03d502055011dbf76f59d95e44eeb1c7b9c135b1a3cefaa827ca04a55e1d90f6c921d8cf64db883dcd837991972199ec5d336dd1a24c87813e470bbc31ef80
SSDEEP

768:iiTj1r/q7q14pJgRgzlGKnAm0RuUlE0yEykYxf5Ap0sXQoQGOZD0tIeCZ3k:rTjVqm1s5GEArzE0y1LFe+oQpCCC

Score

10^/10

gafgyt

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

088bc83f3ce2ff5ff7a50c37e06fa2f65e24e2d46b4fedf07d8e43092afe61bf.elf

Resource

debian9-mipsel-en-20211208

debian-9-mipsel

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  088bc83f3ce2ff5ff7a50c37e06fa2f65e24e2d46b4fedf07d8e43092afe61bf.elf
- Size
  
  110KB
- MD5
  
  5b520d742218be4766fc0806b5e6879f
- SHA1
  
  d2fe7010fcab6001f751bf0084a3119ab854301e
- SHA256
  
  088bc83f3ce2ff5ff7a50c37e06fa2f65e24e2d46b4fedf07d8e43092afe61bf
- SHA512
  
  fca44a05c7fdae080885ba1a97b1fcbfa06c332649987c5fc457a12b436ef378d644df5282374b897427ad9e1d16aaf2a888dc3410429525592932e1ff83e325
- SSDEEP
  
  1536:ZLeTikthhSMOCMQS+ZjN4pjuIxreg2ObN2eDo/TUmkiSFxfC7xbXe:ZhHC3S+dUreWNTDiTUmkiSFxfKxbXe
Score

7^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy