gafgyt | 1ae813f4f927b728994e9d71b130f2ea4026e8d843acc55a567870eababe3a5a | Triage

Submit
Reports

Overview

overview

Static

static

7b5a94a084...f3.elf

debian-9-mips

9

Sharing

General

Target

7b5a94a08497c282ff959886f97242f3.elf
Size

155KB
Sample

230404-3zkfrscf6s
MD5

7b5a94a08497c282ff959886f97242f3
SHA1

926fe3a7736bd95aac755c18311c25fde2237ed0
SHA256

1ae813f4f927b728994e9d71b130f2ea4026e8d843acc55a567870eababe3a5a
SHA512

5dbdf7e24b8b7156f03ce6367fe58ddbe58bfe7b554b21ea9d5aaee0f39ff756be8ef74e003ab3504907e685907b4779662c376bd7cef98d91113cdc43bcf44e
SSDEEP

3072:B7esBFP23rWfOB7ZOOyGvWKmrThPaLEne7rNb:1euCloGvrmrThPaLEne7rNb

Score

10^/10

gafgyt

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

7b5a94a08497c282ff959886f97242f3.elf

Resource

debian9-mipsbe-20221111-en

debian-9-mips

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  7b5a94a08497c282ff959886f97242f3.elf
- Size
  
  155KB
- MD5
  
  7b5a94a08497c282ff959886f97242f3
- SHA1
  
  926fe3a7736bd95aac755c18311c25fde2237ed0
- SHA256
  
  1ae813f4f927b728994e9d71b130f2ea4026e8d843acc55a567870eababe3a5a
- SHA512
  
  5dbdf7e24b8b7156f03ce6367fe58ddbe58bfe7b554b21ea9d5aaee0f39ff756be8ef74e003ab3504907e685907b4779662c376bd7cef98d91113cdc43bcf44e
- SSDEEP
  
  3072:B7esBFP23rWfOB7ZOOyGvWKmrThPaLEne7rNb:1euCloGvrmrThPaLEne7rNb
Score

9^/10
- Modifies the Watchdog daemon
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
- Modifies hosts file
  Adds to hosts file used for mapping hosts to IP addresses.
- Writes DNS configuration
  Writes data to DNS resolver config file.
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Dynamic Resolution

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy