gafgyt | 220e5d1e6ef99d2e6864d505a22c210a3957f54d468ed0b1b61ee79d2aaa2a83 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

718105f357...4edfe4

debian-9-armhf

6

Sharing

General

Target

718105f3577cf87fb76f5577744edfe4
Size

88KB
Sample

231220-adzpcaagam
MD5

718105f3577cf87fb76f5577744edfe4
SHA1

3020b14b0788b816df2e91e7c88f51539c0c7f94
SHA256

220e5d1e6ef99d2e6864d505a22c210a3957f54d468ed0b1b61ee79d2aaa2a83
SHA512

b526a974c36e7cca22af86fd8f8e14dca17aa9defbb0b43ba11f6dcf32955cf5309600e32c517f9cf8dff88c609d88a12d55844b64ef8e443f389f8b65554909
SSDEEP

1536:KeCWdR00boWGmYVTOiInnHWjqUdXz7mko/uyuHmZaqQ4KkJRE3bj:dY03YEn0qmz7mkQuyemZaqQ4KoRE3bj

Score

10^/10

gafgyt

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

718105f3577cf87fb76f5577744edfe4

Resource

debian9-armhf-20231215-en

debian-9-armhf

2 signatures

150 seconds

Malware Config

Extracted

Family

gafgyt

C2

185.244.25.254:6667

Targets

- Target
  
  718105f3577cf87fb76f5577744edfe4
- Size
  
  88KB
- MD5
  
  718105f3577cf87fb76f5577744edfe4
- SHA1
  
  3020b14b0788b816df2e91e7c88f51539c0c7f94
- SHA256
  
  220e5d1e6ef99d2e6864d505a22c210a3957f54d468ed0b1b61ee79d2aaa2a83
- SHA512
  
  b526a974c36e7cca22af86fd8f8e14dca17aa9defbb0b43ba11f6dcf32955cf5309600e32c517f9cf8dff88c609d88a12d55844b64ef8e443f389f8b65554909
- SSDEEP
  
  1536:KeCWdR00boWGmYVTOiInnHWjqUdXz7mko/uyuHmZaqQ4KkJRE3bj:dY03YEn0qmz7mkQuyemZaqQ4KoRE3bj
Score

6^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy