gafgyt | 6e932ccdb833574dfe5aa1a482d99933baa9fd169f7ab7443b5e1abd2d31be89 | Triage

Submit
Reports

Overview

overview

Static

static

6e932ccdb8...89.elf

ubuntu-24.04-amd64

7

Sharing

General

Target

6e932ccdb833574dfe5aa1a482d99933baa9fd169f7ab7443b5e1abd2d31be89.elf
Size

83KB
Sample

250226-eal2aswn17
MD5

4bb2551c924dfe970ebc36cda5f88650
SHA1

da1c8effd45d06dff85c8cbfd9d34b8a5b4cc685
SHA256

6e932ccdb833574dfe5aa1a482d99933baa9fd169f7ab7443b5e1abd2d31be89
SHA512

d6311460b3f48387eb7a1307039c1136be7fbd86af68cf51140b91eab7808d7603e04386b77a30a9c59839575c8169286cf0e2c31ce3a557d4d96345bb012057
SSDEEP

1536:qr5b1ZU4d3J6lreu5r4hWj8LvGDloRmF+wVOz+sXcfW7k:wb1ZU4ZJ6liuq0Y7GoRmEwVOz+ucfW7k

Score

10^/10

gafgyt linux rootkit

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

6e932ccdb833574dfe5aa1a482d99933baa9fd169f7ab7443b5e1abd2d31be89.elf

Resource

ubuntu2404-amd64-20240523-en

ubuntu-24.04-amd64

1 signatures

150 seconds

Malware Config

Extracted

Family

gafgyt

C2

176.65.137.193:12345

Targets

- Target
  
  6e932ccdb833574dfe5aa1a482d99933baa9fd169f7ab7443b5e1abd2d31be89.elf
- Size
  
  83KB
- MD5
  
  4bb2551c924dfe970ebc36cda5f88650
- SHA1
  
  da1c8effd45d06dff85c8cbfd9d34b8a5b4cc685
- SHA256
  
  6e932ccdb833574dfe5aa1a482d99933baa9fd169f7ab7443b5e1abd2d31be89
- SHA512
  
  d6311460b3f48387eb7a1307039c1136be7fbd86af68cf51140b91eab7808d7603e04386b77a30a9c59839575c8169286cf0e2c31ce3a557d4d96345bb012057
- SSDEEP
  
  1536:qr5b1ZU4d3J6lreu5r4hWj8LvGDloRmF+wVOz+sXcfW7k:wb1ZU4ZJ6liuq0Y7GoRmEwVOz+ucfW7k
Score

7^/10

rootkit
- Loads a kernel module
  Loads a Linux kernel module, potentially to achieve persistence
  rootkit
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy