gafgyt | 33272fddc008b1c2aa01717a4b182bcacada76728220c07f97f5ae4c5cec22ea | Triage

Sharing

General

Target

510e35e9be8a440c831901ac561e0c1e
Size

116KB
Sample

231219-27slnsbhak
MD5

510e35e9be8a440c831901ac561e0c1e
SHA1

facc5df6a1c3300947eca9ea7bab26adefd9f7de
SHA256

33272fddc008b1c2aa01717a4b182bcacada76728220c07f97f5ae4c5cec22ea
SHA512

18c2da57ed5bff48e4e78796aef5385e1b054ffd0323f31c154452e9aa0e795b3a692a22986ab6a0d77ad62936590601cedffad19a8531e24b302cc69ece0739
SSDEEP

1536:p7j71TRAq+TYbgRZpHIrq2rKVe2+LZd7amB6PMm5nhe1C+k9DxIm/x0uF/+ZYleR:NnlUJqamBSN5niC+kxxIm/iuF/+WleWI

Score

10^/10

gafgyt

Malware Config

Extracted

Family

gafgyt

C2

185.52.1.235:3951

Targets

- Target
  
  510e35e9be8a440c831901ac561e0c1e
- Size
  
  116KB
- MD5
  
  510e35e9be8a440c831901ac561e0c1e
- SHA1
  
  facc5df6a1c3300947eca9ea7bab26adefd9f7de
- SHA256
  
  33272fddc008b1c2aa01717a4b182bcacada76728220c07f97f5ae4c5cec22ea
- SHA512
  
  18c2da57ed5bff48e4e78796aef5385e1b054ffd0323f31c154452e9aa0e795b3a692a22986ab6a0d77ad62936590601cedffad19a8531e24b302cc69ece0739
- SSDEEP
  
  1536:p7j71TRAq+TYbgRZpHIrq2rKVe2+LZd7amB6PMm5nhe1C+k9DxIm/x0uF/+ZYleR:NnlUJqamBSN5niC+kxxIm/iuF/+WleWI
Score

6^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1