gafgyt | 46b8635c70f11f34e223612e0241ef470bfed57ec0793b923cd4a3f720718086 | Triage

Sharing

General

Target

6001bb7728a45b366404daaadc1b817d.elf
Size

148KB
Sample

230403-pphmjagc3v
MD5

6001bb7728a45b366404daaadc1b817d
SHA1

cb193eff3ef449e31f200ee87f38682c76410542
SHA256

46b8635c70f11f34e223612e0241ef470bfed57ec0793b923cd4a3f720718086
SHA512

98de0d98aaed6c2c333704a6f7c821c646b88c5099ae1772c26475a0fe8b6bfd68862e2e65e9d21633b5d48b50e681d82053803ce81e260bc7ea90cdaeac1d76
SSDEEP

1536:bVeTpqCVvWRYx0O9vPBysZgvsgxqAz/0ufMytVkpLtaoLAImlP+s4zWfOodW:byvWmBx+sK/PflKgImlWs4zWfOodW

Score

10^/10

gafgyt

Malware Config

Extracted

Family

gafgyt

C2

88.208.199.38:23

Targets

- Target
  
  6001bb7728a45b366404daaadc1b817d.elf
- Size
  
  148KB
- MD5
  
  6001bb7728a45b366404daaadc1b817d
- SHA1
  
  cb193eff3ef449e31f200ee87f38682c76410542
- SHA256
  
  46b8635c70f11f34e223612e0241ef470bfed57ec0793b923cd4a3f720718086
- SHA512
  
  98de0d98aaed6c2c333704a6f7c821c646b88c5099ae1772c26475a0fe8b6bfd68862e2e65e9d21633b5d48b50e681d82053803ce81e260bc7ea90cdaeac1d76
- SSDEEP
  
  1536:bVeTpqCVvWRYx0O9vPBysZgvsgxqAz/0ufMytVkpLtaoLAImlP+s4zWfOodW:byvWmBx+sK/PflKgImlWs4zWfOodW
Score

9^/10
- Modifies the Watchdog daemon
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1