gafgyt | 0383b4942b3ac84082423eec521d1ae720dcabcae04130bd03da5bbe3bcb110e | Triage

Sharing

General

Target

0383b4942b3ac84082423eec521d1ae720dcabcae04130bd03da5bbe3bcb110e.elf
Size

118KB
Sample

250221-cf6xjszmdx
MD5

76678bcff664a00b3c2bf1fcb26f6f39
SHA1

5a7c3aa434fee7c7189df7f1798a7fb81afbaf59
SHA256

0383b4942b3ac84082423eec521d1ae720dcabcae04130bd03da5bbe3bcb110e
SHA512

f5fb359912a9889b3c01939cc8c7a1c5dff1b44cbdb0cb4f2032459548107f58d447d35e4661faced04ed3abe3731cd1128f465587d8d4d4f4857352f5d1e45d
SSDEEP

1536:UPeTk+z1T8RoZaM9ZIAZsUEo8IgwagKWqFMtOFqUmkixFxfC7cgjQ:USJZa+zst1wa/ywFqUmkixFxfKcgjQ

Score

10^/10

gafgyt discovery

Malware Config

Extracted

Family

gafgyt

C2

15.204.128.30:6140

Targets

- Target
  
  0383b4942b3ac84082423eec521d1ae720dcabcae04130bd03da5bbe3bcb110e.elf
- Size
  
  118KB
- MD5
  
  76678bcff664a00b3c2bf1fcb26f6f39
- SHA1
  
  5a7c3aa434fee7c7189df7f1798a7fb81afbaf59
- SHA256
  
  0383b4942b3ac84082423eec521d1ae720dcabcae04130bd03da5bbe3bcb110e
- SHA512
  
  f5fb359912a9889b3c01939cc8c7a1c5dff1b44cbdb0cb4f2032459548107f58d447d35e4661faced04ed3abe3731cd1128f465587d8d4d4f4857352f5d1e45d
- SSDEEP
  
  1536:UPeTk+z1T8RoZaM9ZIAZsUEo8IgwagKWqFMtOFqUmkixFxfC7cgjQ:USJZa+zst1wa/ywFqUmkixFxfKcgjQ
Score

6^/10

discovery
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1