gafgyt | ae8864207b9f92aaee1d1f1932106c844b3206445a68d5a4f999a9facc3a8f90 | Triage

Submit
Reports

Overview

overview

Static

static

e0113fd000...3b.elf

debian-9-mipsel

9

Sharing

General

Target

e0113fd000895171bba71f683045a63b.elf
Size

155KB
Sample

230404-jmjh6afd91
MD5

e0113fd000895171bba71f683045a63b
SHA1

d015dd50eec91d022793d6b90832aa5fc5bc38a3
SHA256

ae8864207b9f92aaee1d1f1932106c844b3206445a68d5a4f999a9facc3a8f90
SHA512

601f164f524f0f4c3d7d56ea1cf2c2444b3a3ec917a0dc44a3be195b30b7e0a55dd3d175129e6ee3c6b6ab32573eb4c46fc7fabf71c51bcdfb5e83d1789dff77
SSDEEP

3072:1LNqrhHZ0P6bRFBQinfRjHkLwmrThPaLEne7rNb:1Lsrr0PeRTJZgLwmrThPaLEne7rNb

Score

10^/10

gafgyt

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

e0113fd000895171bba71f683045a63b.elf

Resource

debian9-mipsel-en-20211208

debian-9-mipsel

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  e0113fd000895171bba71f683045a63b.elf
- Size
  
  155KB
- MD5
  
  e0113fd000895171bba71f683045a63b
- SHA1
  
  d015dd50eec91d022793d6b90832aa5fc5bc38a3
- SHA256
  
  ae8864207b9f92aaee1d1f1932106c844b3206445a68d5a4f999a9facc3a8f90
- SHA512
  
  601f164f524f0f4c3d7d56ea1cf2c2444b3a3ec917a0dc44a3be195b30b7e0a55dd3d175129e6ee3c6b6ab32573eb4c46fc7fabf71c51bcdfb5e83d1789dff77
- SSDEEP
  
  3072:1LNqrhHZ0P6bRFBQinfRjHkLwmrThPaLEne7rNb:1Lsrr0PeRTJZgLwmrThPaLEne7rNb
Score

9^/10
- Modifies the Watchdog daemon
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
- Modifies hosts file
  Adds to hosts file used for mapping hosts to IP addresses.
- Writes DNS configuration
  Writes data to DNS resolver config file.
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Dynamic Resolution

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy