gafgyt | 99c8ec62e2b41bdf8b4e7e4e287f48f26d29d4a967e37fd9155c6578cf1f7df8 | Triage

Submit
Reports

Overview

overview

Static

static

telnet.elf

ubuntu-20.04-amd64

6

Sharing

General

Target

telnet.elf
Size

168KB
Sample

240427-tagtxacg33
MD5

1d032a3e53d9514730cb5aacd22c00f3
SHA1

c0738fcfe225d814522fd54790a6b580d67ade28
SHA256

99c8ec62e2b41bdf8b4e7e4e287f48f26d29d4a967e37fd9155c6578cf1f7df8
SHA512

39b92e68b4847f0ab1db022c0b6ffc8f7f294c975e48a3b25b44e6cc4233592bc6821de549c3fc0237beaf0721ebafb8316e2e2939ee3a4fbc8d07da58a6cfad
SSDEEP

3072:yjROUV7PwNC5sfwxwv10JWKqT5cCLaufhmuZVkfP5Al:yjZV7YNrv10JWKqTRaufhmuZVkn5Al

Score

10^/10

gafgyt linux

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

telnet.elf

Resource

ubuntu2004-amd64-20240418-en

ubuntu-20.04-amd64

4 signatures

150 seconds

Malware Config

Extracted

Family

gafgyt

C2

2.58.95.131:65481

Targets

- Target
  
  telnet.elf
- Size
  
  168KB
- MD5
  
  1d032a3e53d9514730cb5aacd22c00f3
- SHA1
  
  c0738fcfe225d814522fd54790a6b580d67ade28
- SHA256
  
  99c8ec62e2b41bdf8b4e7e4e287f48f26d29d4a967e37fd9155c6578cf1f7df8
- SHA512
  
  39b92e68b4847f0ab1db022c0b6ffc8f7f294c975e48a3b25b44e6cc4233592bc6821de549c3fc0237beaf0721ebafb8316e2e2939ee3a4fbc8d07da58a6cfad
- SSDEEP
  
  3072:yjROUV7PwNC5sfwxwv10JWKqT5cCLaufhmuZVkfP5Al:yjZV7YNrv10JWKqTRaufhmuZVkn5Al
Score

6^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy