gafgyt | 19936aea14ea5d32bf54625c3a2e6d735e24b866ff33f76d3d654620ecb2f0fa | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

4d21edf2f0...22.elf

debian-9-armhf

7

Sharing

General

Target

4d21edf2f074bb83a118e4321c912922.elf
Size

127KB
Sample

240219-ltcqascd39
MD5

4d21edf2f074bb83a118e4321c912922
SHA1

7816908c6cf7c4c105338a097a84578602396f7b
SHA256

19936aea14ea5d32bf54625c3a2e6d735e24b866ff33f76d3d654620ecb2f0fa
SHA512

1da50741de1b474fa6e77cfc488976f9558650a4ff0be7a089dfb86138daabfa89f97b786b842418049b8a26ed95fbf7b52c04543c736939656d898d7590335a
SSDEEP

3072:+DShVLkDZ6waCAdclEbYJOmP46aQyfPluesNb:VhVeZ6zclEboOmP46aQyfPluesNb

Score

10^/10

gafgyt

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

4d21edf2f074bb83a118e4321c912922.elf

Resource

debian9-armhf-20231215-en

debian-9-armhf

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  4d21edf2f074bb83a118e4321c912922.elf
- Size
  
  127KB
- MD5
  
  4d21edf2f074bb83a118e4321c912922
- SHA1
  
  7816908c6cf7c4c105338a097a84578602396f7b
- SHA256
  
  19936aea14ea5d32bf54625c3a2e6d735e24b866ff33f76d3d654620ecb2f0fa
- SHA512
  
  1da50741de1b474fa6e77cfc488976f9558650a4ff0be7a089dfb86138daabfa89f97b786b842418049b8a26ed95fbf7b52c04543c736939656d898d7590335a
- SSDEEP
  
  3072:+DShVLkDZ6waCAdclEbYJOmP46aQyfPluesNb:VhVeZ6zclEboOmP46aQyfPluesNb
Score

7^/10
- Changes its process name
- Executes dropped EXE
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy