gafgyt | 47134e87eb0f623763091f651f01fdcaef2e62c1a4df04b2f4c71f7394503e01 | Triage

Submit
Reports

Overview

overview

Static

static

Ayedz.mipsel.elf

debian-9-mipsel

6

Sharing

General

Target

Ayedz.mipsel.elf
Size

123KB
Sample

250203-md2vxszpak
MD5

107fac8d72b0e9ad9ac9771d0218ceea
SHA1

50e921b88a5001f932e6d9f8534693efa0980e0e
SHA256

47134e87eb0f623763091f651f01fdcaef2e62c1a4df04b2f4c71f7394503e01
SHA512

49be1ae0fbd8f08ce40c4dd6f151241dac6ffa0224685c31dc0f23d9f00767d855ac767dda00eda25097b8e8938e90a1f2d40f26457288a612f62729ffc66f17
SSDEEP

1536:VLeTL25A9LV1m9jMdZYHvaycg4Ko72dl5hJddddddut8BEVwmeFfkq+QCyRnVgj:V825t9jGxtKD5h9JEVwmeRkq+QXnVgj

Score

10^/10

gafgyt discovery

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Ayedz.mipsel.elf

Resource

debian9-mipsel-20240418-en

debian-9-mipsel

3 signatures

150 seconds

Malware Config

Extracted

Family

gafgyt

C2

45.13.151.59:666

Targets

- Target
  
  Ayedz.mipsel.elf
- Size
  
  123KB
- MD5
  
  107fac8d72b0e9ad9ac9771d0218ceea
- SHA1
  
  50e921b88a5001f932e6d9f8534693efa0980e0e
- SHA256
  
  47134e87eb0f623763091f651f01fdcaef2e62c1a4df04b2f4c71f7394503e01
- SHA512
  
  49be1ae0fbd8f08ce40c4dd6f151241dac6ffa0224685c31dc0f23d9f00767d855ac767dda00eda25097b8e8938e90a1f2d40f26457288a612f62729ffc66f17
- SSDEEP
  
  1536:VLeTL25A9LV1m9jMdZYHvaycg4Ko72dl5hJddddddut8BEVwmeFfkq+QCyRnVgj:V825t9jGxtKD5h9JEVwmeRkq+QXnVgj
Score

6^/10

discovery
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy