04c37e63a08cede9a9a3676ad9813674d49ee71caf8f4bff9bdeb2feb38c7a2a

Submit
Reports

Overview

overview

Static

static

Malware.20...f09f56

debian-9-mips

Malware.20...1d2347

ubuntu-18.04-amd64

Malware.20...1d2347

debian-9-armhf

Malware.20...1d2347

debian-9-mips

Malware.20...1d2347

debian-9-mipsel

Malware.20...465127

debian-9-armhf

Malware.20...37d14f

ubuntu-18.04-amd64

Malware.20...37d14f

debian-9-armhf

Malware.20...37d14f

debian-9-mips

Malware.20...37d14f

debian-9-mipsel

Malware.20...58207c

debian-9-armhf

Malware.20...ff8c1c

debian-12-mipsel

Malware.20...4315ee

debian-12-mipsel

Malware.20...207d62

ubuntu-18.04-amd64

Malware.20...207d62

debian-9-armhf

Malware.20...207d62

debian-9-mips

Malware.20...207d62

debian-9-mipsel

Malware.20...978e5b

ubuntu-18.04-amd64

Malware.20...978e5b

debian-9-armhf

Malware.20...978e5b

debian-9-mips

Malware.20...978e5b

debian-9-mipsel

Malware.20...dcd5e3

debian-9-mips

Malware.20...d11707

debian-12-mipsel

Malware.20...3bc67c

debian-9-armhf

Malware.20...67fb15

debian-9-mipsel

Malware.20...35453b

ubuntu-18.04-amd64

Malware.20...35453b

debian-9-armhf

Malware.20...35453b

debian-9-mips

Malware.20...35453b

debian-9-mipsel

Malware.20...567266

ubuntu-18.04-amd64

Malware.20...567266

debian-9-armhf

Malware.20...567266

debian-9-mips

Resubmissions

13-02-2025 13:04

250213-qaxnksymhs 10

Analysis

max time kernel
0s
platform
debian-9_mips
resource
debian9-mipsbe-20240729-en
resource tags

arch:mipsimage:debian9-mipsbe-20240729-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
submitted
13-02-2025 13:04

Sharing

Copy URL

Twitter E-mail

Static task

static1

58 signatures

Behavioral task

behavioral1

Sample

Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.dd-54fe5560cb69338057594bfdf0911c042c625a22f54ea59d7d3cfd9d4cf09f56

Resource

debian9-mipsbe-20240418-en

discovery

debian-9-mips

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.dd-7d1b988102f6447b1f2c9ed95273c072946e8ed6768df132a92fb35eaa1d2347

Resource

ubuntu1804-amd64-20240611-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.dd-7d1b988102f6447b1f2c9ed95273c072946e8ed6768df132a92fb35eaa1d2347

Resource

debian9-armhf-20240611-en

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.dd-7d1b988102f6447b1f2c9ed95273c072946e8ed6768df132a92fb35eaa1d2347

Resource

debian9-mipsbe-20240729-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.dd-7d1b988102f6447b1f2c9ed95273c072946e8ed6768df132a92fb35eaa1d2347

Resource

debian9-mipsel-20240418-en

debian-9-mipsel

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.dd-96e1d6d0086e23b8023c853c5c8e2fe6ddbd046119ed9910317ed2b7d8465127

Resource

debian9-armhf-20240611-en

discovery

debian-9-armhf

2 signatures

150 seconds

Behavioral task

behavioral7

Sample

Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.dd-bb433d2a6c99f2d94140e6e66f0f29e030ead6156eb10f61a0bf562b9e37d14f

Resource

ubuntu1804-amd64-20240611-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.dd-bb433d2a6c99f2d94140e6e66f0f29e030ead6156eb10f61a0bf562b9e37d14f

Resource

debian9-armhf-20240611-en

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.dd-bb433d2a6c99f2d94140e6e66f0f29e030ead6156eb10f61a0bf562b9e37d14f

Resource

debian9-mipsbe-20240729-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.dd-bb433d2a6c99f2d94140e6e66f0f29e030ead6156eb10f61a0bf562b9e37d14f

Resource

debian9-mipsel-20240418-en

debian-9-mipsel

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.dd-d1a05da3a2d4a15d57ce67f1fdee24ad473e9f35b910557ab775b31e9f58207c

Resource

debian9-armhf-20240611-en

discovery

debian-9-armhf

2 signatures

150 seconds

Behavioral task

behavioral12

Sample

Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.dd-da93c0050adf790ae5b18989953da8bf4b33e8308e531b833200a4a039ff8c1c

Resource

debian12-mipsel-20240221-en

discovery

debian-12-mipsel

2 signatures

150 seconds

Behavioral task

behavioral13

Sample

Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.fj-11c7521680ffbd1f388845179c94dd5bab33a04de39a7a664d6c3eb6b84315ee

Resource

debian12-mipsel-20240418-en

credential_access defense_evasion discovery

debian-12-mipsel

11 signatures

150 seconds

Behavioral task

behavioral14

Sample

Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.fj-afee245b6f999f6b9d0dd997436df5f2abfb3c8d2a8811ff57e3c21637207d62

Resource

ubuntu1804-amd64-20240611-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.fj-afee245b6f999f6b9d0dd997436df5f2abfb3c8d2a8811ff57e3c21637207d62

Resource

debian9-armhf-20240729-en

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.fj-afee245b6f999f6b9d0dd997436df5f2abfb3c8d2a8811ff57e3c21637207d62

Resource

debian9-mipsbe-20240611-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.fj-afee245b6f999f6b9d0dd997436df5f2abfb3c8d2a8811ff57e3c21637207d62

Resource

debian9-mipsel-20240418-en

debian-9-mipsel

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.fj-ca3f6dce945ccad5a50ea01262b2d42171f893632fc5c5b8ce4499990e978e5b

Resource

ubuntu1804-amd64-20240611-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.fj-ca3f6dce945ccad5a50ea01262b2d42171f893632fc5c5b8ce4499990e978e5b

Resource

debian9-armhf-20240611-en

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.fj-ca3f6dce945ccad5a50ea01262b2d42171f893632fc5c5b8ce4499990e978e5b

Resource

debian9-mipsbe-20240729-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.fj-ca3f6dce945ccad5a50ea01262b2d42171f893632fc5c5b8ce4499990e978e5b

Resource

debian9-mipsel-20240226-en

debian-9-mipsel

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.fj-df176fb8cfbc7512c77673f862e73833641ebb0d43213492c168f99302dcd5e3

Resource

debian9-mipsbe-20240611-en

credential_access defense_evasion discovery

debian-9-mips

11 signatures

150 seconds

Behavioral task

behavioral23

Sample

Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.hy-216ab12c56bba575bd40aaa5d602c062abb5fc8ac405f27a43619c3370d11707

Resource

debian12-mipsel-20240221-en

debian-12-mipsel

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.hy-2ee2eaa1fce89b91fb70dd2e853ac63b600c11feae4a1624fa90f1c6e33bc67c

Resource

debian9-armhf-20240729-en

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.hy-5432ce11eb5dc2d2fee13f42f2e7f358f068dbc809adc4cee460a4456967fb15

Resource

debian9-mipsel-20240418-en

debian-9-mipsel

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.hy-9fd06d80534b729cca8ad2affa0be6b3108c6a117e7b20f81470b2c01335453b

Resource

ubuntu1804-amd64-20240508-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.hy-9fd06d80534b729cca8ad2affa0be6b3108c6a117e7b20f81470b2c01335453b

Resource

debian9-armhf-20240611-en

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.hy-9fd06d80534b729cca8ad2affa0be6b3108c6a117e7b20f81470b2c01335453b

Resource

debian9-mipsbe-20240611-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.hy-9fd06d80534b729cca8ad2affa0be6b3108c6a117e7b20f81470b2c01335453b

Resource

debian9-mipsel-20240611-en

debian-9-mipsel

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.hy-a0f145290eaa8b3b74d83702f391952617262388779aa607dbaac524b4567266

Resource

ubuntu1804-amd64-20240729-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.hy-a0f145290eaa8b3b74d83702f391952617262388779aa607dbaac524b4567266

Resource

debian9-armhf-20240418-en

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.hy-a0f145290eaa8b3b74d83702f391952617262388779aa607dbaac524b4567266

Resource

debian9-mipsbe-20240611-en

debian-9-mips

0 signatures

150 seconds

Errors

Reason

Reading agent response: read tcp 10.127.0.1:50734->10.127.0.57:8000: read: connection timed out

Report Analysis Logs

General

Target

Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.dd-bb433d2a6c99f2d94140e6e66f0f29e030ead6156eb10f61a0bf562b9e37d14f
Size

154KB
MD5

83faa150586ad1b9e5f44e72be9a4b0e
SHA1

5a501bf035ea5ac3326e34ac70b6bf6037fa1cea
SHA256

bb433d2a6c99f2d94140e6e66f0f29e030ead6156eb10f61a0bf562b9e37d14f
SHA512

dacfb4526e56f06437fd65576dad7019185f84df374db72b40ae30bbb3cfd20e15c2dc16410486f48bd93927e80f05f91621dff7d2e1a74c96204d58b83ca155
SSDEEP

3072:ZMwGBsAshVEB/4BGAXFz5h8HqJmwsweDdAH:3LXh2Qh5h8HkmwsweDdAH

Score

1^/10

Malware Config

Signatures

Processes

/tmp/Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.dd-bb433d2a6c99f2d94140e6e66f0f29e030ead6156eb10f61a0bf562b9e37d14f
/tmp/Malware.2024.10.31/HEUR.Backdoor.Linux.Gafgyt.dd-bb433d2a6c99f2d94140e6e66f0f29e030ead6156eb10f61a0bf562b9e37d14f
1⤵
PID:820

Resubmissions

Analysis

Sharing

Errors

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads