gafgyt | 9c08487094c02b70fdca7e13542490d8f26c0aa95a26fe05dfff27cc25da7d12 | Triage

Submit
Reports

Overview

overview

Static

static

de3bdf7e4b...be.elf

ubuntu-18.04-amd64

7

Sharing

Copy URL Twitter E-mail

General

Target

de3bdf7e4bbf2f55263bb6976b20b5be.elf
Size

109KB
Sample

231022-pl66qaaa57
MD5

de3bdf7e4bbf2f55263bb6976b20b5be
SHA1

73c715f02e6bf1b0f26e32a1376b722d84c38eeb
SHA256

9c08487094c02b70fdca7e13542490d8f26c0aa95a26fe05dfff27cc25da7d12
SHA512

4afad15e0528e609b050b4eb8bfc11001076bad2b1008a34b3c50b8dbc109197070fb58064cda49c3e3624f57d6eef4ba39ad83091bfdbc816188d4d7dc56ae0
SSDEEP

3072:0Gtk0JeaJyG3AF0nbgChZes7q7oCkmOXBmIpcks6JyfMT:NkyeO0C8Ch84BmIpcks6JyfMT

Score

10^/10

gafgyt linux

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

de3bdf7e4bbf2f55263bb6976b20b5be.elf

Resource

ubuntu1804-amd64-20231020-en

ubuntu-18.04-amd64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  de3bdf7e4bbf2f55263bb6976b20b5be.elf
- Size
  
  109KB
- MD5
  
  de3bdf7e4bbf2f55263bb6976b20b5be
- SHA1
  
  73c715f02e6bf1b0f26e32a1376b722d84c38eeb
- SHA256
  
  9c08487094c02b70fdca7e13542490d8f26c0aa95a26fe05dfff27cc25da7d12
- SHA512
  
  4afad15e0528e609b050b4eb8bfc11001076bad2b1008a34b3c50b8dbc109197070fb58064cda49c3e3624f57d6eef4ba39ad83091bfdbc816188d4d7dc56ae0
- SSDEEP
  
  3072:0Gtk0JeaJyG3AF0nbgChZes7q7oCkmOXBmIpcks6JyfMT:NkyeO0C8Ch84BmIpcks6JyfMT
Score

7^/10
- Changes its process name
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy