gafgyt | 4a173da1434e244f302632a8830f90204b29197374d4a1624a718583627b5d73 | Triage

Submit
Reports

Overview

overview

Static

static

mips.elf

debian-9-mips

6

Sharing

General

Target

mips.elf
Size

183KB
Sample

241021-pl6vystdlg
MD5

29d9d49e08db8b35653124cee164fcd9
SHA1

8e9bbcf430b94ceb7259ee1bd73e0e9efe01a443
SHA256

4a173da1434e244f302632a8830f90204b29197374d4a1624a718583627b5d73
SHA512

b663eefea461ce2332b2808310e1c4dee685d695dc17c267e0766d9ba57babe3900b3bd1fe6faf3c858248426288824a935750fd3429456ca31435f6c3b477a6
SSDEEP

3072:UhZRj5n9EmzUyMhp5hWTt5s1qAuhmv8uqx1BVnKoe:mjrYZp5hWJ5Lhmv8uqx1BVnKoe

Score

10^/10

gafgyt discovery

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

mips.elf

Resource

debian9-mipsbe-20240611-en

debian-9-mips

3 signatures

150 seconds

Malware Config

Extracted

Family

gafgyt

C2

159.100.14.37:6060

Targets

- Target
  
  mips.elf
- Size
  
  183KB
- MD5
  
  29d9d49e08db8b35653124cee164fcd9
- SHA1
  
  8e9bbcf430b94ceb7259ee1bd73e0e9efe01a443
- SHA256
  
  4a173da1434e244f302632a8830f90204b29197374d4a1624a718583627b5d73
- SHA512
  
  b663eefea461ce2332b2808310e1c4dee685d695dc17c267e0766d9ba57babe3900b3bd1fe6faf3c858248426288824a935750fd3429456ca31435f6c3b477a6
- SSDEEP
  
  3072:UhZRj5n9EmzUyMhp5hWTt5s1qAuhmv8uqx1BVnKoe:mjrYZp5hWJ5Lhmv8uqx1BVnKoe
Score

6^/10

discovery
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy