gafgyt | 8a63867373e137707a9c4c2285cdea70a76bd1a16afb7b14414724f9aedacd05 | Triage

Sharing

General

Target

8a63867373e137707a9c4c2285cdea70a76bd1a16afb7b14414724f9aedacd05.elf
Size

108KB
Sample

250301-d8w4gszky6
MD5

dda1e45981458bf8a12c4baf6a3c09eb
SHA1

3eee156bc96d79ce7fc7efd94140709c41d48c50
SHA256

8a63867373e137707a9c4c2285cdea70a76bd1a16afb7b14414724f9aedacd05
SHA512

a3139e44bd96035808d90e675494be632d0bd8c2d5ad5fa44d17a86d5a9312f6b58256e95b2a52c8b06151ab454ca1d1c96c0843a6b9ad3220c0f798c30e186f
SSDEEP

3072:01rJLKDLzea8Yj+yYGIGZfZQomiQ9WtX9+a:01rJgzea+yYG1QomiQ9Wx9+a

Score

10^/10

gafgyt discovery

Malware Config

Targets

- Target
  
  8a63867373e137707a9c4c2285cdea70a76bd1a16afb7b14414724f9aedacd05.elf
- Size
  
  108KB
- MD5
  
  dda1e45981458bf8a12c4baf6a3c09eb
- SHA1
  
  3eee156bc96d79ce7fc7efd94140709c41d48c50
- SHA256
  
  8a63867373e137707a9c4c2285cdea70a76bd1a16afb7b14414724f9aedacd05
- SHA512
  
  a3139e44bd96035808d90e675494be632d0bd8c2d5ad5fa44d17a86d5a9312f6b58256e95b2a52c8b06151ab454ca1d1c96c0843a6b9ad3220c0f798c30e186f
- SSDEEP
  
  3072:01rJLKDLzea8Yj+yYGIGZfZQomiQ9WtX9+a:01rJgzea+yYG1QomiQ9Wx9+a
Score

6^/10

discovery
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1