gafgyt | 742de6c44950f5cd0a885aab75f39a4161321bdebbfea532806ee9b85a7ac5cc | Triage

Submit
Reports

Overview

overview

Static

static

5a2122baac...206a75

debian-9-armhf

9

Sharing

Copy URL Twitter E-mail

General

Target

5a2122baac7f80d980146be108206a75
Size

149KB
Sample

231219-3a3k2sdder
MD5

5a2122baac7f80d980146be108206a75
SHA1

35bf8db2632c318b1c5d049e5546c2fce44a6d7d
SHA256

742de6c44950f5cd0a885aab75f39a4161321bdebbfea532806ee9b85a7ac5cc
SHA512

ef043242b6946d082085dec342db6f151495dde64dc9affe529875362fe4aaa55ffd83b2f62eeaff20da1670bf18d6c0f800e7f090b8fdd44bfd307466aafe81
SSDEEP

3072:RYG7EQwELKaUDC3sI7F+oFSQbtllQKvC1lAFmnfQwo2/0Nu:RYfNlaUDC7FSQbW1AFmnfQwo2/0Nu

Score

10^/10

gafgyt discovery

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

5a2122baac7f80d980146be108206a75

Resource

debian9-armhf-20231215-en

debian-9-armhf

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  5a2122baac7f80d980146be108206a75
- Size
  
  149KB
- MD5
  
  5a2122baac7f80d980146be108206a75
- SHA1
  
  35bf8db2632c318b1c5d049e5546c2fce44a6d7d
- SHA256
  
  742de6c44950f5cd0a885aab75f39a4161321bdebbfea532806ee9b85a7ac5cc
- SHA512
  
  ef043242b6946d082085dec342db6f151495dde64dc9affe529875362fe4aaa55ffd83b2f62eeaff20da1670bf18d6c0f800e7f090b8fdd44bfd307466aafe81
- SSDEEP
  
  3072:RYG7EQwELKaUDC3sI7F+oFSQbtllQKvC1lAFmnfQwo2/0Nu:RYfNlaUDC7FSQbW1AFmnfQwo2/0Nu
Score

9^/10

discovery
- Contacts a large (22396) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Changes its process name
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy