gafgyt | 866c9c04074bd7aabc0ea7512c6aaebd4bc0f4dbd7ec7a953c21824378dced74 | Triage

Sharing

General

Target

Okami.mips.elf
Size

120KB
Sample

250305-g7xv6s1vcy
MD5

b22d640895851a543cb59cf470755478
SHA1

9024912d7cd2f8e91b06b6b8417d4bc6667a6cf6
SHA256

866c9c04074bd7aabc0ea7512c6aaebd4bc0f4dbd7ec7a953c21824378dced74
SHA512

de984e2612ed365a090add5fe9ac4a9563c48b1b2bb0e5fc707619f84b91e5b5a8a2421353e211e57e5c24dec95173123a2f08241288b200235e390ddf591cf6
SSDEEP

3072:DLYxtjCSEEVC5hr+xWDOPRx9Fq51uUOypn:vCub+C5hqxWyPRx9Fq51uUOypn

Score

10^/10

gafgyt discovery

Malware Config

Extracted

Family

gafgyt

C2

193.200.78.49:6963

Targets

- Target
  
  Okami.mips.elf
- Size
  
  120KB
- MD5
  
  b22d640895851a543cb59cf470755478
- SHA1
  
  9024912d7cd2f8e91b06b6b8417d4bc6667a6cf6
- SHA256
  
  866c9c04074bd7aabc0ea7512c6aaebd4bc0f4dbd7ec7a953c21824378dced74
- SHA512
  
  de984e2612ed365a090add5fe9ac4a9563c48b1b2bb0e5fc707619f84b91e5b5a8a2421353e211e57e5c24dec95173123a2f08241288b200235e390ddf591cf6
- SSDEEP
  
  3072:DLYxtjCSEEVC5hr+xWDOPRx9Fq51uUOypn:vCub+C5hqxWyPRx9Fq51uUOypn
Score

4^/10

discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1