gafgyt | 8806b6d362cd0dd06edf76088a155cfded1ce6205da7d1aff3d32d7294f2bbf2 | Triage

Submit
Reports

Overview

overview

Static

static

pXdN91.mipsel.elf

debian-12-mipsel

6

Sharing

General

Target

pXdN91.mipsel.elf
Size

148KB
Sample

241209-lr8d7atmg1
MD5

dd5e8c1ad291b9f12c6d8f5effde55a6
SHA1

c4dfad8ef73211aa429631e07f89d142c14a2978
SHA256

8806b6d362cd0dd06edf76088a155cfded1ce6205da7d1aff3d32d7294f2bbf2
SHA512

53213a0a46b39fb8ccb8c96b6c9feab1c9563728203630243db8f557fea2e490c16b2bfa3a7f6d545c5f4e503f7ce12c5eeb8fdfbf903b3afa0f280d607e3781
SSDEEP

1536:/mBaejrE9y2nlUuzOTSfZxOGW2V7qdcG7oqN7S6OdRb+3rS4uS1N/mS5SB/5HX48:eB7iCZ2V+Sl6m4NN/mYSBBHX48

Score

10^/10

gafgyt discovery

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

pXdN91.mipsel.elf

Resource

debian12-mipsel-20240221-en

debian-12-mipsel

3 signatures

150 seconds

Malware Config

Extracted

Family

gafgyt

C2

154.213.187.14:13387

Targets

- Target
  
  pXdN91.mipsel.elf
- Size
  
  148KB
- MD5
  
  dd5e8c1ad291b9f12c6d8f5effde55a6
- SHA1
  
  c4dfad8ef73211aa429631e07f89d142c14a2978
- SHA256
  
  8806b6d362cd0dd06edf76088a155cfded1ce6205da7d1aff3d32d7294f2bbf2
- SHA512
  
  53213a0a46b39fb8ccb8c96b6c9feab1c9563728203630243db8f557fea2e490c16b2bfa3a7f6d545c5f4e503f7ce12c5eeb8fdfbf903b3afa0f280d607e3781
- SSDEEP
  
  1536:/mBaejrE9y2nlUuzOTSfZxOGW2V7qdcG7oqN7S6OdRb+3rS4uS1N/mS5SB/5HX48:eB7iCZ2V+Sl6m4NN/mYSBBHX48
Score

6^/10

discovery
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy