gafgyt | 5d32b827c038ecf576186950b6d212c2d084559923d8f8461fd72ef8efeaf81c | Triage

Sharing

General

Target

5d32b827c038ecf576186950b6d212c2d084559923d8f8461fd72ef8efeaf81c.elf
Size

108KB
Sample

250115-c5gzqaxqgt
MD5

7da406e698731daf01533a3984bc3197
SHA1

39f1a788e679489a9ec21691a7df3c49d558a3f8
SHA256

5d32b827c038ecf576186950b6d212c2d084559923d8f8461fd72ef8efeaf81c
SHA512

37d83d15ce5a83e6555f63fe44a596e4c35df4a43c05380b6af19517d1d4bfc4ab1517f563790440577e9d3a04c876bcd0a10e2d26ffa2420eae956509a000fd
SSDEEP

3072:/gvINOc2FN+lhty8nzbvNIhfnqsCvzFcm7QnKQXaeW://Qa3y83viFnqsCJcm7QnKGaeW

Score

10^/10

gafgyt discovery

Malware Config

Extracted

Family

gafgyt

C2

23.95.73.77:999

Targets

- Target
  
  5d32b827c038ecf576186950b6d212c2d084559923d8f8461fd72ef8efeaf81c.elf
- Size
  
  108KB
- MD5
  
  7da406e698731daf01533a3984bc3197
- SHA1
  
  39f1a788e679489a9ec21691a7df3c49d558a3f8
- SHA256
  
  5d32b827c038ecf576186950b6d212c2d084559923d8f8461fd72ef8efeaf81c
- SHA512
  
  37d83d15ce5a83e6555f63fe44a596e4c35df4a43c05380b6af19517d1d4bfc4ab1517f563790440577e9d3a04c876bcd0a10e2d26ffa2420eae956509a000fd
- SSDEEP
  
  3072:/gvINOc2FN+lhty8nzbvNIhfnqsCvzFcm7QnKQXaeW://Qa3y83viFnqsCJcm7QnKGaeW
Score

6^/10

discovery
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1