gafgyt | 2770ccf021acbe030d0f0dc776c76e075b8084d87e561601e0a6a5a2d4e517ac | Triage

Submit
Reports

Overview

overview

Static

static

Okami.i686

ubuntu-24.04-amd64

7

Sharing

General

Target

Okami.i686
Size

80KB
Sample

250327-3djbkszsfx
MD5

a7c20be31ae57de59b15e09c12342812
SHA1

42f5553947a5a3fe8fafe30049f2f5a4bd00b532
SHA256

2770ccf021acbe030d0f0dc776c76e075b8084d87e561601e0a6a5a2d4e517ac
SHA512

d7351eb2ff4712a06f71f2e719c6f007d7e76bc67b8a03e6caca6870494f05f1cf8030cc61b75473d99249cea21fa3fb1b6d3fca2a8108222e6e31cf670f24ff
SSDEEP

1536:S9DnXge/Bexx+4WiM3wuvsCH+qCuGH2PeJiE5hdB75Xs3r0OzRPF+jHeN:UnXXBeKlVAdCH+qHE2DE5hdzXmr0OzR7

Score

10^/10

gafgyt linux rootkit

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Okami.i686

Resource

ubuntu2404-amd64-20250307-en

ubuntu-24.04-amd64

1 signatures

150 seconds

Malware Config

Extracted

Family

gafgyt

C2

94.154.34.47:23

Targets

- Target
  
  Okami.i686
- Size
  
  80KB
- MD5
  
  a7c20be31ae57de59b15e09c12342812
- SHA1
  
  42f5553947a5a3fe8fafe30049f2f5a4bd00b532
- SHA256
  
  2770ccf021acbe030d0f0dc776c76e075b8084d87e561601e0a6a5a2d4e517ac
- SHA512
  
  d7351eb2ff4712a06f71f2e719c6f007d7e76bc67b8a03e6caca6870494f05f1cf8030cc61b75473d99249cea21fa3fb1b6d3fca2a8108222e6e31cf670f24ff
- SSDEEP
  
  1536:S9DnXge/Bexx+4WiM3wuvsCH+qCuGH2PeJiE5hdB75Xs3r0OzRPF+jHeN:UnXXBeKlVAdCH+qHE2DE5hdzXmr0OzR7
Score

7^/10

rootkit
- Loads a kernel module
  Loads a Linux kernel module, potentially to achieve persistence
  rootkit
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy