gafgyt | 7808d7414d5c7c7f3705f4b40d28234d736d895dc562f12103436440f44ab385 | Triage

Submit
Reports

Overview

overview

Static

static

bb9b23ba77...kes118

ubuntu-24.04-amd64

7

Sharing

General

Target

bb9b23ba771cc37d8114933b09b568f9_JaffaCakes118
Size

98KB
Sample

240823-nyyjnssbnd
MD5

bb9b23ba771cc37d8114933b09b568f9
SHA1

541eb366b02fd58bff466f57af95cc499647da43
SHA256

7808d7414d5c7c7f3705f4b40d28234d736d895dc562f12103436440f44ab385
SHA512

89dd2b40894f6d84abb59323de9a32160edd3c665c72f6941e6fb4d2c292356ed14b860c01c017c9ef4f2f84cbb4fcb9cf06c942036f9f81ef108347f9379da5
SSDEEP

3072:rAsWIUNN1SvsMn5BMFbp94bHimS0veewQ08N:nKeUaSb8bHimS0veewQ08N

Score

10^/10

gafgyt linux rootkit

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

bb9b23ba771cc37d8114933b09b568f9_JaffaCakes118

Resource

ubuntu2404-amd64-20240523-en

ubuntu-24.04-amd64

1 signatures

150 seconds

Malware Config

Extracted

Family

gafgyt

C2

185.165.29.127:666

Targets

- Target
  
  bb9b23ba771cc37d8114933b09b568f9_JaffaCakes118
- Size
  
  98KB
- MD5
  
  bb9b23ba771cc37d8114933b09b568f9
- SHA1
  
  541eb366b02fd58bff466f57af95cc499647da43
- SHA256
  
  7808d7414d5c7c7f3705f4b40d28234d736d895dc562f12103436440f44ab385
- SHA512
  
  89dd2b40894f6d84abb59323de9a32160edd3c665c72f6941e6fb4d2c292356ed14b860c01c017c9ef4f2f84cbb4fcb9cf06c942036f9f81ef108347f9379da5
- SSDEEP
  
  3072:rAsWIUNN1SvsMn5BMFbp94bHimS0veewQ08N:nKeUaSb8bHimS0veewQ08N
Score

7^/10

rootkit
- Loads a kernel module
  Loads a Linux kernel module, potentially to achieve persistence
  rootkit
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy