gafgyt | b08dea7aae12f248b7730af3c8f924dd67d3251d78df15a9dfb75e5d961df152 | Triage

Sharing

General

Target

b08dea7aae12f248b7730af3c8f924dd67d3251d78df15a9dfb75e5d961df152.elf
Size

211KB
Sample

241020-c7zmjsvalf
MD5

455a2acf75de8da6ab7c4d9564cc69f9
SHA1

9e6016c6581289e685bcd6392bbf0bcf6b1182ff
SHA256

b08dea7aae12f248b7730af3c8f924dd67d3251d78df15a9dfb75e5d961df152
SHA512

a76b00d7f684d762ea9d5fa60d579d70b8bdfe75faedb59baae6ffb676d25d57826cde4a639c0b32dfcc3288a965591e148a489e6259910e3e0dbee90ccadeab
SSDEEP

6144:qp5UYf43Dj4ohqetJ8addQpo5dfi+VqDw8uDik:fpMetJ8aKo5dfi+VqDw8uDik

Score

10^/10

gafgyt discovery

Malware Config

Targets

- Target
  
  b08dea7aae12f248b7730af3c8f924dd67d3251d78df15a9dfb75e5d961df152.elf
- Size
  
  211KB
- MD5
  
  455a2acf75de8da6ab7c4d9564cc69f9
- SHA1
  
  9e6016c6581289e685bcd6392bbf0bcf6b1182ff
- SHA256
  
  b08dea7aae12f248b7730af3c8f924dd67d3251d78df15a9dfb75e5d961df152
- SHA512
  
  a76b00d7f684d762ea9d5fa60d579d70b8bdfe75faedb59baae6ffb676d25d57826cde4a639c0b32dfcc3288a965591e148a489e6259910e3e0dbee90ccadeab
- SSDEEP
  
  6144:qp5UYf43Dj4ohqetJ8addQpo5dfi+VqDw8uDik:fpMetJ8aKo5dfi+VqDw8uDik
Score

6^/10

discovery
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1