gafgyt | 1ebd37d12f91c7d7385359cbd0d40e21c32df216de003f4e9cb31c7e06c93e62 | Triage

Sharing

General

Target

1ebd37d12f91c7d7385359cbd0d40e21c32df216de003f4e9cb31c7e06c93e62.elf
Size

112KB
Sample

240316-ckxvfahd4x
MD5

33d66289ba95f79d069086753c6fb978
SHA1

92f313d1a0fee21f39af50e50247328bf89b5eaf
SHA256

1ebd37d12f91c7d7385359cbd0d40e21c32df216de003f4e9cb31c7e06c93e62
SHA512

aeb8911d63231cd1933dbe71f0032c77d93719d9712efcf7bee37aa63a41ed9984bfa0d2c687a959941755eccf67c17c50cc1ebb61e504327ccb26634a843a9a
SSDEEP

1536:JN2UgekCHMVuDZ3p/+KSUZwst5hcdRtSuqom1DjF9GhCPRiAe:JN/HNKYwk5hcdRkJom1DjF9GhsRiAe

Score

10^/10

gafgyt

Malware Config

Targets

- Target
  
  1ebd37d12f91c7d7385359cbd0d40e21c32df216de003f4e9cb31c7e06c93e62.elf
- Size
  
  112KB
- MD5
  
  33d66289ba95f79d069086753c6fb978
- SHA1
  
  92f313d1a0fee21f39af50e50247328bf89b5eaf
- SHA256
  
  1ebd37d12f91c7d7385359cbd0d40e21c32df216de003f4e9cb31c7e06c93e62
- SHA512
  
  aeb8911d63231cd1933dbe71f0032c77d93719d9712efcf7bee37aa63a41ed9984bfa0d2c687a959941755eccf67c17c50cc1ebb61e504327ccb26634a843a9a
- SSDEEP
  
  1536:JN2UgekCHMVuDZ3p/+KSUZwst5hcdRtSuqom1DjF9GhCPRiAe:JN/HNKYwk5hcdRkJom1DjF9GhsRiAe
Score

6^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1