gafgyt | 963233d95d568caae84d7eac81076e099274d9b41df3444f8e83b1c9e4ca9640 | Triage

Submit
Reports

Overview

overview

Static

static

ce852cb668...kes118

ubuntu-24.04-amd64

7

Sharing

General

Target

ce852cb668a5f62c4970bf5847bec791_JaffaCakes118
Size

79KB
Sample

241206-xll5jsxpdk
MD5

ce852cb668a5f62c4970bf5847bec791
SHA1

ef15d3b97586aea7d342a35f89b91004c51eaf53
SHA256

963233d95d568caae84d7eac81076e099274d9b41df3444f8e83b1c9e4ca9640
SHA512

ccf6e55d2efc0344a10ca8db45ed7bcbed40c38a883733e6394a62b23f9cfab590142cfd52be0c9700cd1e9ee2b2aac6f5079b01aecb03b21207f350366d580c
SSDEEP

1536:A8uKdXkUb1YBN9W0nVsgO8Ri/rjw0EqwHSkKmsY/1BLgiLaRVOCjrADmUs:JuakUbWNznVsAi/rE0EdyK/1GiuRVOCr

Score

10^/10

gafgyt linux rootkit

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

ce852cb668a5f62c4970bf5847bec791_JaffaCakes118

Resource

ubuntu2404-amd64-20240523-en

ubuntu-24.04-amd64

1 signatures

150 seconds

Malware Config

Extracted

Family

gafgyt

C2

85.255.15.247:23

Targets

- Target
  
  ce852cb668a5f62c4970bf5847bec791_JaffaCakes118
- Size
  
  79KB
- MD5
  
  ce852cb668a5f62c4970bf5847bec791
- SHA1
  
  ef15d3b97586aea7d342a35f89b91004c51eaf53
- SHA256
  
  963233d95d568caae84d7eac81076e099274d9b41df3444f8e83b1c9e4ca9640
- SHA512
  
  ccf6e55d2efc0344a10ca8db45ed7bcbed40c38a883733e6394a62b23f9cfab590142cfd52be0c9700cd1e9ee2b2aac6f5079b01aecb03b21207f350366d580c
- SSDEEP
  
  1536:A8uKdXkUb1YBN9W0nVsgO8Ri/rjw0EqwHSkKmsY/1BLgiLaRVOCjrADmUs:JuakUbWNznVsAi/rE0EdyK/1GiuRVOCr
Score

7^/10

rootkit
- Loads a kernel module
  Loads a Linux kernel module, potentially to achieve persistence
  rootkit
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy