gafgyt | fdda74ec2eec96fd06275f065b0beeee8912d54b186f85a94a436fa33b27cd22 | Triage

Sharing

General

Target

e8510a0c97bd1440d7a0e17e54748bc8.elf
Size

147KB
Sample

230328-v2569acc32
MD5

e8510a0c97bd1440d7a0e17e54748bc8
SHA1

db0432b342b724fd5fc6dab4ead2b7a768194807
SHA256

fdda74ec2eec96fd06275f065b0beeee8912d54b186f85a94a436fa33b27cd22
SHA512

618020ade77c1dfc5fe35ba5d2c1deca0a522f0a3620c4454197b64cce8068e72de4487bed4b7c2acbf59512fb7b1751bd0db2473bfa58b99710e2af61284307
SSDEEP

3072:hC2M7tMAQw6x2a7mtvHwr+70YMM/94hmQwfHcQrAN:c2M7tFQvx2aAPY+70fM/94hmQwfHzrAN

Score

10^/10

gafgyt

Malware Config

Targets

- Target
  
  e8510a0c97bd1440d7a0e17e54748bc8.elf
- Size
  
  147KB
- MD5
  
  e8510a0c97bd1440d7a0e17e54748bc8
- SHA1
  
  db0432b342b724fd5fc6dab4ead2b7a768194807
- SHA256
  
  fdda74ec2eec96fd06275f065b0beeee8912d54b186f85a94a436fa33b27cd22
- SHA512
  
  618020ade77c1dfc5fe35ba5d2c1deca0a522f0a3620c4454197b64cce8068e72de4487bed4b7c2acbf59512fb7b1751bd0db2473bfa58b99710e2af61284307
- SSDEEP
  
  3072:hC2M7tMAQw6x2a7mtvHwr+70YMM/94hmQwfHcQrAN:c2M7tFQvx2aAPY+70fM/94hmQwfHzrAN
Score

7^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1