gafgyt | 3f1bf5f312a587387c26255dc98cdaaf890336bf58041566f74171cdea557d47 | Triage

Sharing

General

Target

17280dd176b499b4b529489636afa578.elf
Size

106KB
Sample

230329-qnysssaa8v
MD5

17280dd176b499b4b529489636afa578
SHA1

ab7bce0d4fc8f27073fbf604f3be5d945aa6ba48
SHA256

3f1bf5f312a587387c26255dc98cdaaf890336bf58041566f74171cdea557d47
SHA512

82d88ef81e389737f395ee166515a13f0b316106fba1503196c24c93a777e422148c94187089f6a7ef77014497fed47d78607767cd39b18a92be983f3e964d00
SSDEEP

1536:UeeTu2u8IM46rrMNf4ZcrjYYkUNTEM4+rwBlLNzgLUmkiIF8iCKrmne:UEgrGf4d0EMoPZgUmkiIF8iPrmne

Score

10^/10

gafgyt

Malware Config

Targets

- Target
  
  17280dd176b499b4b529489636afa578.elf
- Size
  
  106KB
- MD5
  
  17280dd176b499b4b529489636afa578
- SHA1
  
  ab7bce0d4fc8f27073fbf604f3be5d945aa6ba48
- SHA256
  
  3f1bf5f312a587387c26255dc98cdaaf890336bf58041566f74171cdea557d47
- SHA512
  
  82d88ef81e389737f395ee166515a13f0b316106fba1503196c24c93a777e422148c94187089f6a7ef77014497fed47d78607767cd39b18a92be983f3e964d00
- SSDEEP
  
  1536:UeeTu2u8IM46rrMNf4ZcrjYYkUNTEM4+rwBlLNzgLUmkiIF8iCKrmne:UEgrGf4d0EMoPZgUmkiIF8iPrmne
Score

7^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1