gafgyt | e7f5b4dc4a77a26e52e648df5928857122e444e90b67857a742ec1e2a93adf35 | Triage

Sharing

General

Target

08dbafe75dcf1e427cc9523303e03d52.elf
Size

101KB
Sample

230408-2stkeshe7s
MD5

08dbafe75dcf1e427cc9523303e03d52
SHA1

b5f6d6f2facf2ecd2d9d50d5ad8215ddb71baaa0
SHA256

e7f5b4dc4a77a26e52e648df5928857122e444e90b67857a742ec1e2a93adf35
SHA512

19d2e61c05d1d93b8e108a0fe3895a5c6d1670b32e0cdad457ed7110c2f206236dda88bd72302b7e9d5c4886e986dd7421f133ccd41a513f0c3e29611aef436e
SSDEEP

3072:SOGAEtZoGZKWl6u4YTnbHibimmFVcqq0G27ZT:SqEtZ755nbHibimmFVcqq0G27ZT

Score

10^/10

gafgyt linux

Malware Config

Targets

- Target
  
  08dbafe75dcf1e427cc9523303e03d52.elf
- Size
  
  101KB
- MD5
  
  08dbafe75dcf1e427cc9523303e03d52
- SHA1
  
  b5f6d6f2facf2ecd2d9d50d5ad8215ddb71baaa0
- SHA256
  
  e7f5b4dc4a77a26e52e648df5928857122e444e90b67857a742ec1e2a93adf35
- SHA512
  
  19d2e61c05d1d93b8e108a0fe3895a5c6d1670b32e0cdad457ed7110c2f206236dda88bd72302b7e9d5c4886e986dd7421f133ccd41a513f0c3e29611aef436e
- SSDEEP
  
  3072:SOGAEtZoGZKWl6u4YTnbHibimmFVcqq0G27ZT:SqEtZ755nbHibimmFVcqq0G27ZT
Score

8^/10
- Modifies hosts file
  Adds to hosts file used for mapping hosts to IP addresses.
- Writes DNS configuration
  Writes data to DNS resolver config file.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Dynamic Resolution

Exfiltration

Impact

Tasks

static1

behavioral1