gafgyt | 084d4720186673c63a5ab80da878ff2aee141e52b3b3372004596e603f5f27be | Triage

Submit
Reports

Overview

overview

Static

static

084d472018...be.elf

ubuntu-20.04-amd64

6

Sharing

Copy URL Twitter E-mail

General

Target

084d4720186673c63a5ab80da878ff2aee141e52b3b3372004596e603f5f27be.elf
Size

168KB
Sample

240428-bd6y4acg7w
MD5

9f9730775b3c91bd9ff754a5b2d63afd
SHA1

d4b26c5fda2b06a7ea408536b2d1825ff3622c38
SHA256

084d4720186673c63a5ab80da878ff2aee141e52b3b3372004596e603f5f27be
SHA512

50005c3bfbfc5bfe062e61ba4eb5251fae0be94c54e764a8c2c12ec28c15350b25a769d0476e0f031e42a1a747f58f4229cf5059cd60c65a32b77565d45847e7
SSDEEP

3072:wM7j3urga8rGzarvjNmqXT7cCEAqmuZVkfP5Al:wMn0ga0rvjNmSTU/muZVkn5Al

Score

10^/10

gafgyt linux

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

084d4720186673c63a5ab80da878ff2aee141e52b3b3372004596e603f5f27be.elf

Resource

ubuntu2004-amd64-20240221-en

ubuntu-20.04-amd64

4 signatures

150 seconds

Malware Config

Extracted

Family

gafgyt

C2

2.58.95.131:65481

Targets

- Target
  
  084d4720186673c63a5ab80da878ff2aee141e52b3b3372004596e603f5f27be.elf
- Size
  
  168KB
- MD5
  
  9f9730775b3c91bd9ff754a5b2d63afd
- SHA1
  
  d4b26c5fda2b06a7ea408536b2d1825ff3622c38
- SHA256
  
  084d4720186673c63a5ab80da878ff2aee141e52b3b3372004596e603f5f27be
- SHA512
  
  50005c3bfbfc5bfe062e61ba4eb5251fae0be94c54e764a8c2c12ec28c15350b25a769d0476e0f031e42a1a747f58f4229cf5059cd60c65a32b77565d45847e7
- SSDEEP
  
  3072:wM7j3urga8rGzarvjNmqXT7cCEAqmuZVkfP5Al:wMn0ga0rvjNmSTU/muZVkn5Al
Score

6^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy