gafgyt | 30c858105b00864bbb38f2ec543c2ac4a920ab61acc949d2b7d872ba14b5b120 | Triage

Submit
Reports

Overview

overview

Static

static

b4bf0c6fc4...9671dc

debian-9-armhf

6

Sharing

Copy URL Twitter E-mail

General

Target

b4bf0c6fc4462e2f160665b57d9671dc
Size

118KB
Sample

240305-p585esgb64
MD5

b4bf0c6fc4462e2f160665b57d9671dc
SHA1

26a45e5e7985b5d5e09a99b90f6f2707b0842608
SHA256

30c858105b00864bbb38f2ec543c2ac4a920ab61acc949d2b7d872ba14b5b120
SHA512

5099840df0fcc71c506e15e29e3d176cd981c58b3e94f196f64fc1b08d17da2776dd80c1cdc1a7f475e6b1ddaa41f6bb24e17de7e71a06257f598167e3fe312f
SSDEEP

3072:WkYPgPggnAb0JWaY/VfBEDx0dn+mTQOY5NX3cn:lYPgPggI4Wa8BEDW+mTQOY5R3cn

Score

10^/10

gafgyt

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

b4bf0c6fc4462e2f160665b57d9671dc

Resource

debian9-armhf-20240226-en

debian-9-armhf

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  b4bf0c6fc4462e2f160665b57d9671dc
- Size
  
  118KB
- MD5
  
  b4bf0c6fc4462e2f160665b57d9671dc
- SHA1
  
  26a45e5e7985b5d5e09a99b90f6f2707b0842608
- SHA256
  
  30c858105b00864bbb38f2ec543c2ac4a920ab61acc949d2b7d872ba14b5b120
- SHA512
  
  5099840df0fcc71c506e15e29e3d176cd981c58b3e94f196f64fc1b08d17da2776dd80c1cdc1a7f475e6b1ddaa41f6bb24e17de7e71a06257f598167e3fe312f
- SSDEEP
  
  3072:WkYPgPggnAb0JWaY/VfBEDx0dn+mTQOY5NX3cn:lYPgPggI4Wa8BEDW+mTQOY5R3cn
Score

6^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy