gafgyt | 58794be45bca0f8715403decd7264070767bd5e127f8409f089f81435b3268c5 | Triage

Submit
Reports

Overview

overview

Static

static

58794be45b...c5.elf

debian-12-armhf

7

Sharing

General

Target

58794be45bca0f8715403decd7264070767bd5e127f8409f089f81435b3268c5.elf
Size

302KB
Sample

250109-ctklgawqbr
MD5

f800aac19067dd0808e5b08b056bcf11
SHA1

14ebef4f03fea503330cd71255fbb1811628048b
SHA256

58794be45bca0f8715403decd7264070767bd5e127f8409f089f81435b3268c5
SHA512

0d85cd5ac1194b7676a863178d7eabec5481a553daa8b63691f298b060942111e2bfa2eaf3ca87d36da0c18c4e7a84679ca1183655d61850b435217243a1b219
SSDEEP

6144:3JmkqPEIC5aWGSWYZH6KIhmTMLVCdukqM/9jmi3wq09aMNS:gkKER5azSWYZaKimIZCTD/hmi3/09aMM

Score

10^/10

gafgyt defense_evasion discovery

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

58794be45bca0f8715403decd7264070767bd5e127f8409f089f81435b3268c5.elf

Resource

debian12-armhf-20240221-en

defense_evasion discovery

debian-12-armhf

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  58794be45bca0f8715403decd7264070767bd5e127f8409f089f81435b3268c5.elf
- Size
  
  302KB
- MD5
  
  f800aac19067dd0808e5b08b056bcf11
- SHA1
  
  14ebef4f03fea503330cd71255fbb1811628048b
- SHA256
  
  58794be45bca0f8715403decd7264070767bd5e127f8409f089f81435b3268c5
- SHA512
  
  0d85cd5ac1194b7676a863178d7eabec5481a553daa8b63691f298b060942111e2bfa2eaf3ca87d36da0c18c4e7a84679ca1183655d61850b435217243a1b219
- SSDEEP
  
  6144:3JmkqPEIC5aWGSWYZH6KIhmTMLVCdukqM/9jmi3wq09aMNS:gkKER5azSWYZaKimIZCTD/hmi3/09aMM
Score

7^/10

defense_evasion discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Enumerates running processes
  Discovers information about currently running processes on the system
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

© 2018-2025

Terms | Privacy