gafgyt | bd66c5392aaa5ff4d739748171099eeb132bbdc3b894644f893956c7756f07f1 | Triage

Submit
Reports

Overview

overview

Static

static

Okami.arm7.elf

debian-9-armhf

7

Sharing

General

Target

Okami.arm7.elf
Size

154KB
Sample

240705-gtq6gatdrq
MD5

cc47aa0be93a313e5d629d95a39a2274
SHA1

2ba388d09906cc434a434fb5a02da89101dca7c9
SHA256

bd66c5392aaa5ff4d739748171099eeb132bbdc3b894644f893956c7756f07f1
SHA512

860c6f4c143fa540b79d1166320e1f07093fd20b6696141886891ca5b6f298e709a2a8f4cf9c280a52c63304a2f9973c64cb90316a5a1acf665d1b76a6f1620f
SSDEEP

3072:00bacctY8a5k0Po8ZDF5EO45hAN72BDNTBM/9dmVyh9ZmNw3B65QRRi:/bacctYb5k0zZ585ha72lnM/9EVyh9Ze

Score

10^/10

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Okami.arm7.elf

Resource

debian9-armhf-20240611-en

debian-9-armhf

2 signatures

150 seconds

Malware Config

Extracted

Family

gafgyt

C2

93.123.85.246:6963

Targets

- Target
  
  Okami.arm7.elf
- Size
  
  154KB
- MD5
  
  cc47aa0be93a313e5d629d95a39a2274
- SHA1
  
  2ba388d09906cc434a434fb5a02da89101dca7c9
- SHA256
  
  bd66c5392aaa5ff4d739748171099eeb132bbdc3b894644f893956c7756f07f1
- SHA512
  
  860c6f4c143fa540b79d1166320e1f07093fd20b6696141886891ca5b6f298e709a2a8f4cf9c280a52c63304a2f9973c64cb90316a5a1acf665d1b76a6f1620f
- SSDEEP
  
  3072:00bacctY8a5k0Po8ZDF5EO45hAN72BDNTBM/9dmVyh9ZmNw3B65QRRi:/bacctYb5k0zZ585ha72lnM/9EVyh9Ze
Score

7^/10
- Writes DNS configuration
  Writes data to DNS resolver config file.
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Dynamic Resolution

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy