gafgyt | f895d5308a4d6a6f8b6d061d11727f9353e586d7e21a78801c8988b917b480a0 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

gafgyt

ubuntu-22.04-amd64

6

Sharing

General

Target

infected.zip
Size

61KB
Sample

240928-k7hm2azgpa
MD5

8182a81c96adfff5e7d73cd815c4b666
SHA1

31e5d88d6dd04d624cb76feae6090a16c03b5cd7
SHA256

f895d5308a4d6a6f8b6d061d11727f9353e586d7e21a78801c8988b917b480a0
SHA512

71f4e3d3beeedce0d70ab1fbc75c1fdae0d52a230254b645bfe898a55d291b4bfebc514871f48b31484b255ad6fd31101e7211a306e3366989a1642ffe145802
SSDEEP

1536:BLGiD3YLRyW39EqlFB9fT0Ht8ny86KjMqchmfF7YMTsOys1+:JfElyWNVlFBtQHCy86KgX4+MTsq1+

Score

10^/10

gafgyt discovery linux

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

gafgyt

Resource

ubuntu2204-amd64-20240729-en

ubuntu-22.04-amd64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  gafgyt
- Size
  
  175KB
- MD5
  
  c0153aa7187e4eb21e65653e3d9fb54f
- SHA1
  
  b7b196a011b5252a62f67075a0a9893d2effb704
- SHA256
  
  169579c6cb5821c23bf3deaaa749761e440ebe216c11c3633e6d2ce97ca8e5f7
- SHA512
  
  f17e44ff196ed1ae68e7740d264ff7ea11792e1aa7b33bf7dcc503060efa3045f1de01dc08997547ef064a491b0d9ae66f4d6d75662a0b1587d912d0b2627d98
- SSDEEP
  
  3072:K1ggSfoLKaxUOPxXBIOY2ILeTOutJ8adPF4KQTjsz3EosWIeebUfAP2G+STxk:Bva6CXmJxxutJ8adPF4f0EosWIeebUf5
Score

6^/10

discovery
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy