gafgyt | fadecb7eb94e6d50ec2190c7b72579390aef403777525b1ccb69609cfbbfbbac | Triage

Sharing

General

Target

527576efc548699111a619114120e944
Size

122KB
Sample

231219-2789esfbh8
MD5

527576efc548699111a619114120e944
SHA1

b1db89be4a800c4381fb30f1698685b67a6987d6
SHA256

fadecb7eb94e6d50ec2190c7b72579390aef403777525b1ccb69609cfbbfbbac
SHA512

f8709e44edd909c557b3e282c802c4b8365268a36380defe905a68396652dd9f831943679047b0b4af74228086a5b79aa9aafffb805d0b34ded228485ab7b1d1
SSDEEP

1536:R7ju1TGRq+bEYQ42rKVuWW+0iVqbWqVL/er666663ZZFcyOOYu6vimWt0zFufCyO:Mk730iIvVLhZcy8imWOzFufJ02vI

Score

10^/10

gafgyt

Malware Config

Extracted

Family

gafgyt

C2

209.141.50.57:3312

Targets

- Target
  
  527576efc548699111a619114120e944
- Size
  
  122KB
- MD5
  
  527576efc548699111a619114120e944
- SHA1
  
  b1db89be4a800c4381fb30f1698685b67a6987d6
- SHA256
  
  fadecb7eb94e6d50ec2190c7b72579390aef403777525b1ccb69609cfbbfbbac
- SHA512
  
  f8709e44edd909c557b3e282c802c4b8365268a36380defe905a68396652dd9f831943679047b0b4af74228086a5b79aa9aafffb805d0b34ded228485ab7b1d1
- SSDEEP
  
  1536:R7ju1TGRq+bEYQ42rKVuWW+0iVqbWqVL/er666663ZZFcyOOYu6vimWt0zFufCyO:Mk730iIvVLhZcy8imWOzFufJ02vI
Score

6^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1