gafgyt | c29c5388824494158022766bae32d86c718e1632f517f669f9834068acc1b834 | Triage

Sharing

General

Target

8cb006902f5d5102a3cd80e18df44a15
Size

144KB
Sample

231220-hjsf8agcbq
MD5

8cb006902f5d5102a3cd80e18df44a15
SHA1

41ef3a277fdd3907ac8cdeeb775c1dd02242e8d6
SHA256

c29c5388824494158022766bae32d86c718e1632f517f669f9834068acc1b834
SHA512

d319f7c9c2a0eb988b12cfc1011ce6587332196c3e9b35f322ee88dcaffc9550ed247a70411524a96fa10088bce5156ed4f5b800cfc14a0e8bf0583321b4ff93
SSDEEP

3072:YqFFH8oB0aLIT3oIzE++PamPBXwwL6xKFmnqQwobnbNu:YqXuaLITOPamPNwwL6xKFmnqQwobnbNu

Score

10^/10

gafgyt discovery

Malware Config

Targets

- Target
  
  8cb006902f5d5102a3cd80e18df44a15
- Size
  
  144KB
- MD5
  
  8cb006902f5d5102a3cd80e18df44a15
- SHA1
  
  41ef3a277fdd3907ac8cdeeb775c1dd02242e8d6
- SHA256
  
  c29c5388824494158022766bae32d86c718e1632f517f669f9834068acc1b834
- SHA512
  
  d319f7c9c2a0eb988b12cfc1011ce6587332196c3e9b35f322ee88dcaffc9550ed247a70411524a96fa10088bce5156ed4f5b800cfc14a0e8bf0583321b4ff93
- SSDEEP
  
  3072:YqFFH8oB0aLIT3oIzE++PamPBXwwL6xKFmnqQwobnbNu:YqXuaLITOPamPNwwL6xKFmnqQwobnbNu
Score

9^/10

discovery
- Contacts a large (23198) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1