gafgyt | 768d8a5e0bdea22776c1570bf82e7c8089577c7d44d0dee87101992c7bae9827 | Triage

Submit
Reports

Overview

overview

Static

static

x86.elf

ubuntu-18.04-amd64

9

Sharing

General

Target

x86.elf
Size

114KB
Sample

230408-1qgmeafd76
MD5

d219cae24ada1bd4cd696e9830d8d96d
SHA1

4d1b9ec042954e7c2ed9348629318b7936822a40
SHA256

768d8a5e0bdea22776c1570bf82e7c8089577c7d44d0dee87101992c7bae9827
SHA512

a2eaa10d31e5cb41a80cdaeef895c18d36db2c67df714e44e9895e3765ec20f770a9d497accdc4ea0746a95f34390153213e30c4d3199ffa507b740e3e204376
SSDEEP

3072:uirMUYZMo/QJLRZDsqtxqLX5I/uJioub2yd1m7FnVqfJXoebNb:SKo/O8qtUbKRbm7FnVqfJXoebNb

Score

10^/10

gafgyt linux

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

x86.elf

Resource

ubuntu1804-amd64-20221111-en

ubuntu-18.04-amd64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  x86.elf
- Size
  
  114KB
- MD5
  
  d219cae24ada1bd4cd696e9830d8d96d
- SHA1
  
  4d1b9ec042954e7c2ed9348629318b7936822a40
- SHA256
  
  768d8a5e0bdea22776c1570bf82e7c8089577c7d44d0dee87101992c7bae9827
- SHA512
  
  a2eaa10d31e5cb41a80cdaeef895c18d36db2c67df714e44e9895e3765ec20f770a9d497accdc4ea0746a95f34390153213e30c4d3199ffa507b740e3e204376
- SSDEEP
  
  3072:uirMUYZMo/QJLRZDsqtxqLX5I/uJioub2yd1m7FnVqfJXoebNb:SKo/O8qtUbKRbm7FnVqfJXoebNb
Score

9^/10
- Modifies the Watchdog daemon
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
- Modifies hosts file
  Adds to hosts file used for mapping hosts to IP addresses.
- Writes DNS configuration
  Writes data to DNS resolver config file.
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Dynamic Resolution

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy