gafgyt | aaee23d2c2e97509fca2513ea5140d27841091b43b9fb6f1d21c4c71d9e06811 | Triage

Submit
Reports

Overview

overview

Static

static

285fd9b7ad...bf0fdf

ubuntu-18.04-amd64

7

Sharing

Copy URL Twitter E-mail

General

Target

285fd9b7ade499fa6862447701bf0fdf
Size

113KB
Sample

231219-2qs6wagch3
MD5

285fd9b7ade499fa6862447701bf0fdf
SHA1

a452ddf15f18439404401c82bf2f80ee351f8ae1
SHA256

aaee23d2c2e97509fca2513ea5140d27841091b43b9fb6f1d21c4c71d9e06811
SHA512

a9b49122075953a80b1bfc88738fbf537c8de372a5e05ede2affe4af0fd33d75b5df0b4c8f910f708f2e72029d4aacbde49f07fb89fd9a62f74444a402a863a3
SSDEEP

3072:j98HdmPaFGq5PBSVjDW6iw7qLQ68E97JEXPk7fD162fDnt7jsEmST0nYXbg1DE:juH8+5PBSVjDW6XNu1EXPOfD162J/sEL

Score

10^/10

gafgyt linux

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

285fd9b7ade499fa6862447701bf0fdf

Resource

ubuntu1804-amd64-20231215-en

ubuntu-18.04-amd64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  285fd9b7ade499fa6862447701bf0fdf
- Size
  
  113KB
- MD5
  
  285fd9b7ade499fa6862447701bf0fdf
- SHA1
  
  a452ddf15f18439404401c82bf2f80ee351f8ae1
- SHA256
  
  aaee23d2c2e97509fca2513ea5140d27841091b43b9fb6f1d21c4c71d9e06811
- SHA512
  
  a9b49122075953a80b1bfc88738fbf537c8de372a5e05ede2affe4af0fd33d75b5df0b4c8f910f708f2e72029d4aacbde49f07fb89fd9a62f74444a402a863a3
- SSDEEP
  
  3072:j98HdmPaFGq5PBSVjDW6iw7qLQ68E97JEXPk7fD162fDnt7jsEmST0nYXbg1DE:juH8+5PBSVjDW6XNu1EXPOfD162J/sEL
Score

7^/10
- Changes its process name
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy