gafgyt | 5032c13a81abf008b575d620cdbc274fd9cc1fcdb4507dc4db3a7ecbd6c083a8 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

9359a7cd10...663bb6

debian-9-armhf

6

Sharing

General

Target

9359a7cd1014eaa44ce4fc0ab5663bb6
Size

124KB
Sample

231220-j29c5aecf9
MD5

9359a7cd1014eaa44ce4fc0ab5663bb6
SHA1

a60b682b2b105f9d2e7f3dad6c1c60dd27a1ea29
SHA256

5032c13a81abf008b575d620cdbc274fd9cc1fcdb4507dc4db3a7ecbd6c083a8
SHA512

1466dd133995c13db35ecf2a9e869731bfe4343597dba2fb8e80534543ba196ab1dc83b509c9917b5e0395469a087cde067a8ce1a919cb54022102ba5289a866
SSDEEP

3072:afTWBH80vJ0qgsgj9LsXN6Nas6wdQaJZLE94I:ZvJzgj9LsXaas6wdQaJZLE94I

Score

10^/10

gafgyt

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

9359a7cd1014eaa44ce4fc0ab5663bb6

Resource

debian9-armhf-20231215-en

debian-9-armhf

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  9359a7cd1014eaa44ce4fc0ab5663bb6
- Size
  
  124KB
- MD5
  
  9359a7cd1014eaa44ce4fc0ab5663bb6
- SHA1
  
  a60b682b2b105f9d2e7f3dad6c1c60dd27a1ea29
- SHA256
  
  5032c13a81abf008b575d620cdbc274fd9cc1fcdb4507dc4db3a7ecbd6c083a8
- SHA512
  
  1466dd133995c13db35ecf2a9e869731bfe4343597dba2fb8e80534543ba196ab1dc83b509c9917b5e0395469a087cde067a8ce1a919cb54022102ba5289a866
- SSDEEP
  
  3072:afTWBH80vJ0qgsgj9LsXN6Nas6wdQaJZLE94I:ZvJzgj9LsXaas6wdQaJZLE94I
Score

6^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy