gafgyt | b24c8c4ebb67b6746024dc12991bb19898bd4a18e0e9761fe48c511fdbf411dc | Triage

Sharing

General

Target

95dac8364f9c19780a0a71afe81efae8_JaffaCakes118
Size

83KB
Sample

241124-twvynaxrat
MD5

95dac8364f9c19780a0a71afe81efae8
SHA1

cddf37d0c90ca02b322a08014fb605b5e68b8305
SHA256

b24c8c4ebb67b6746024dc12991bb19898bd4a18e0e9761fe48c511fdbf411dc
SHA512

a7568474a06b9d6d6113a132fa34d449213a5da444b45f54eb7aa1e737b7e0384c95c68fe708d6fd503ab200295b8327fe88135ed561f1633c9c2c262edf2605
SSDEEP

1536:GWIQUbUmZ8wG1/xhyxSeG2Ij+LJonAjxmnynMxiicHFmUEkvhOQyWvGG0k:GwUbUmZ8JFxhySebG+LyvynuiicHFmD8

Score

10^/10

gafgyt discovery linux

Malware Config

Targets

- Target
  
  95dac8364f9c19780a0a71afe81efae8_JaffaCakes118
- Size
  
  83KB
- MD5
  
  95dac8364f9c19780a0a71afe81efae8
- SHA1
  
  cddf37d0c90ca02b322a08014fb605b5e68b8305
- SHA256
  
  b24c8c4ebb67b6746024dc12991bb19898bd4a18e0e9761fe48c511fdbf411dc
- SHA512
  
  a7568474a06b9d6d6113a132fa34d449213a5da444b45f54eb7aa1e737b7e0384c95c68fe708d6fd503ab200295b8327fe88135ed561f1633c9c2c262edf2605
- SSDEEP
  
  1536:GWIQUbUmZ8wG1/xhyxSeG2Ij+LJonAjxmnynMxiicHFmUEkvhOQyWvGG0k:GwUbUmZ8JFxhySebG+LyvynuiicHFmD8
Score

6^/10

discovery
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1