gafgyt | 633cdd39c6568bb6285cb1d18e184290558947013a7bba4b6be8ca999ba4d074 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

24727a5526...01.elf

debian-9-mipsel

6

Sharing

General

Target

24727a55266ee8f79e16d00454c7c701.elf
Size

119KB
Sample

230827-snfy4ace8w
MD5

24727a55266ee8f79e16d00454c7c701
SHA1

e139efb0b15b95f3c21db51b2251b701e54735fc
SHA256

633cdd39c6568bb6285cb1d18e184290558947013a7bba4b6be8ca999ba4d074
SHA512

8c4fef07fa112f6fc6db522a49d92426d73690afcf489ef306371c79a307a195f2103f10c134a0c10f8b9c699fcf2405d3dd955bf54aebf2799c9eabb39846f3
SSDEEP

1536:Y/eTSqoVbv27X/T9MVmpZx36b059MvJiXC1oymcLL24OdiaF/+gUmkigFxfC7cgQ:YgoqT9t5moaTLuieUmkigFxfKcgnQ

Score

10^/10

gafgyt

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

24727a55266ee8f79e16d00454c7c701.elf

Resource

debian9-mipsel-20221111-en

debian-9-mipsel

2 signatures

150 seconds

Malware Config

Extracted

Family

gafgyt

C2

45.13.119.116:6149

Targets

- Target
  
  24727a55266ee8f79e16d00454c7c701.elf
- Size
  
  119KB
- MD5
  
  24727a55266ee8f79e16d00454c7c701
- SHA1
  
  e139efb0b15b95f3c21db51b2251b701e54735fc
- SHA256
  
  633cdd39c6568bb6285cb1d18e184290558947013a7bba4b6be8ca999ba4d074
- SHA512
  
  8c4fef07fa112f6fc6db522a49d92426d73690afcf489ef306371c79a307a195f2103f10c134a0c10f8b9c699fcf2405d3dd955bf54aebf2799c9eabb39846f3
- SSDEEP
  
  1536:Y/eTSqoVbv27X/T9MVmpZx36b059MvJiXC1oymcLL24OdiaF/+gUmkigFxfC7cgQ:YgoqT9t5moaTLuieUmkigFxfKcgnQ
Score

6^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy