gafgyt | 596c2174f15304ad6029db214b0f4b5ebb97552be7f9d9a170fe03bbc7c762c1 | Triage

Sharing

General

Target

jew.mips.elf
Size

133KB
Sample

250305-jmgpkasycw
MD5

a328b683ab2e102306ce558ac2848bc0
SHA1

8e4ca556c8ac6483a4f496736cd6efb645732d13
SHA256

596c2174f15304ad6029db214b0f4b5ebb97552be7f9d9a170fe03bbc7c762c1
SHA512

8452bcd476ca2f27529fbfa95ed7eb348d0448350857039d7fbf26be21df34084222790becbd00ba6875417ae7f527e9e16c2ff8b6ea4f9a1330bf8b8ddd4505
SSDEEP

3072:rOXCDVt9xbEaSRX84fA6D5773ujQ8y7Hk2R/vKKDoeJZwRGNA4++xQ1IP:atE0qKDpwRGNA4++xQ1IP

Score

10^/10

gafgyt discovery

Malware Config

Extracted

Family

gafgyt

C2

45.148.10.136:666

Targets

- Target
  
  jew.mips.elf
- Size
  
  133KB
- MD5
  
  a328b683ab2e102306ce558ac2848bc0
- SHA1
  
  8e4ca556c8ac6483a4f496736cd6efb645732d13
- SHA256
  
  596c2174f15304ad6029db214b0f4b5ebb97552be7f9d9a170fe03bbc7c762c1
- SHA512
  
  8452bcd476ca2f27529fbfa95ed7eb348d0448350857039d7fbf26be21df34084222790becbd00ba6875417ae7f527e9e16c2ff8b6ea4f9a1330bf8b8ddd4505
- SSDEEP
  
  3072:rOXCDVt9xbEaSRX84fA6D5773ujQ8y7Hk2R/vKKDoeJZwRGNA4++xQ1IP:atE0qKDpwRGNA4++xQ1IP
Score

4^/10

discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1