gafgyt | 88efbb7549ff764417f3bab06b885e75e44f639306f754ee67d41627c615e256 | Triage

Submit
Reports

Overview

overview

Static

static

7a6489e4a5...a1.elf

ubuntu-24.04-amd64

7

Sharing

General

Target

0edc673eda0ed6fc89b1a1dc8de894be.bin
Size

38KB
Sample

241212-bda7esvldx
MD5

474478d6a33f04cedd258e8e03103d19
SHA1

9dbce79aceef3e58a2fff2ecbd7042954b91cd8e
SHA256

88efbb7549ff764417f3bab06b885e75e44f639306f754ee67d41627c615e256
SHA512

0d50452661fbb5a43985f8f17bc13ef89fad9ed7113e03ea292d1154c7b2931a7fee7f6a7857d4e0ee9b1b23a2607e54bd11f841184d2d8cb76e3218d1fef24a
SSDEEP

768:AubnRs2wrfP78svCASdrtA71K6HgKRETSxWpng3A3qVkNGPvO9I3yrH2cLUk:Aus578RjrtABK6H1EOxWgA3qSNMW9I32

Score

10^/10

gafgyt linux rootkit

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

7a6489e4a5b25915b47b204aecc3afb0e3f51f6f33059e8333b8e0300b4ca2a1.elf

Resource

ubuntu2404-amd64-20240523-en

ubuntu-24.04-amd64

1 signatures

150 seconds

Malware Config

Extracted

Family

gafgyt

C2

93.123.85.251:12345

Targets

- Target
  
  7a6489e4a5b25915b47b204aecc3afb0e3f51f6f33059e8333b8e0300b4ca2a1.elf
- Size
  
  83KB
- MD5
  
  0edc673eda0ed6fc89b1a1dc8de894be
- SHA1
  
  d3cf741bb069718950040b4b74317de61b4b66ad
- SHA256
  
  7a6489e4a5b25915b47b204aecc3afb0e3f51f6f33059e8333b8e0300b4ca2a1
- SHA512
  
  342d06111a490d97e4f2926b6b35d989993bc12e9709d736bae4ce317f24fad0b3800cee7e13a3ee788096ac3fcaee1e041ad6fe9769c9232794da2eb2eeef03
- SSDEEP
  
  1536:W35b9Vc4N3J6lreu5r4hWj8LNWDloRmF+wVOz+sXcfW7k:Ab9Vc4JJ6liuq0YR2oRmEwVOz+ucfW7k
Score

7^/10

rootkit
- Loads a kernel module
  Loads a Linux kernel module, potentially to achieve persistence
  rootkit
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy