gafgyt | 8f2353063d7b296a0575c5713cec124a62a91da8247d5686a490c48543c1808d | Triage

Submit
Reports

Overview

overview

Static

static

e7a7ee1ee8...kes118

ubuntu-24.04-amd64

7

Sharing

General

Target

e7a7ee1ee83c33973aca0412ed01b0f8_JaffaCakes118
Size

83KB
Sample

241212-wvhm2svjep
MD5

e7a7ee1ee83c33973aca0412ed01b0f8
SHA1

5f31cf04b86d6faff8fc93bcc5d06e8ce0663fd6
SHA256

8f2353063d7b296a0575c5713cec124a62a91da8247d5686a490c48543c1808d
SHA512

42891837d2de98231acd045ed1c617b07b18750b8146fd5bd570da5e59ec3c2b9d1c0fdfa8c88b89f41163882209b5137cbf98c14bc6a399af3eeaa085887d98
SSDEEP

1536:wBdmZwZVa4FJ3emC8AnzGpWHMvFyTsL8mF+wVOz+sXcfW7k:9ZwZVa4P3emjACcsMvmEwVOz+ucfW7k

Score

10^/10

gafgyt linux rootkit

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

e7a7ee1ee83c33973aca0412ed01b0f8_JaffaCakes118

Resource

ubuntu2404-amd64-20240729-en

ubuntu-24.04-amd64

1 signatures

150 seconds

Malware Config

Extracted

Family

gafgyt

C2

192.3.228.148:666

Targets

- Target
  
  e7a7ee1ee83c33973aca0412ed01b0f8_JaffaCakes118
- Size
  
  83KB
- MD5
  
  e7a7ee1ee83c33973aca0412ed01b0f8
- SHA1
  
  5f31cf04b86d6faff8fc93bcc5d06e8ce0663fd6
- SHA256
  
  8f2353063d7b296a0575c5713cec124a62a91da8247d5686a490c48543c1808d
- SHA512
  
  42891837d2de98231acd045ed1c617b07b18750b8146fd5bd570da5e59ec3c2b9d1c0fdfa8c88b89f41163882209b5137cbf98c14bc6a399af3eeaa085887d98
- SSDEEP
  
  1536:wBdmZwZVa4FJ3emC8AnzGpWHMvFyTsL8mF+wVOz+sXcfW7k:9ZwZVa4P3emjACcsMvmEwVOz+ucfW7k
Score

7^/10

rootkit
- Loads a kernel module
  Loads a Linux kernel module, potentially to achieve persistence
  rootkit
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy