gafgyt | dc0b26808c72f737553b655769dda26d2fbd9df185215743208a47ac6fa683e8 | Triage

Submit
Reports

Overview

overview

Static

static

Okami.mips.elf

debian-9-mips

7

Sharing

General

Target

Okami.mips.elf
Size

120KB
Sample

240705-gtrf8stejj
MD5

17f005fea50cb82ab66c74edaca61e02
SHA1

8499f1c21c5ebd2bb13627a785fcf4bae9bfbbac
SHA256

dc0b26808c72f737553b655769dda26d2fbd9df185215743208a47ac6fa683e8
SHA512

f3dcb85486ed0fc65322b575b6817c66050b7fcd1cfd5bcf925f1e4c0bc57c9b8554f51625a2eb68cc3e9e5f6ae2bb827b593ef5efe00487823c96175a291780
SSDEEP

3072:DLYxtjCSEEV+5hr+xWDOPRx9Fq51uUOypn:vCub++5hqxWyPRx9Fq51uUOypn

Score

10^/10

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Okami.mips.elf

Resource

debian9-mipsbe-20240418-en

debian-9-mips

2 signatures

150 seconds

Malware Config

Extracted

Family

gafgyt

C2

93.123.85.246:6963

Targets

- Target
  
  Okami.mips.elf
- Size
  
  120KB
- MD5
  
  17f005fea50cb82ab66c74edaca61e02
- SHA1
  
  8499f1c21c5ebd2bb13627a785fcf4bae9bfbbac
- SHA256
  
  dc0b26808c72f737553b655769dda26d2fbd9df185215743208a47ac6fa683e8
- SHA512
  
  f3dcb85486ed0fc65322b575b6817c66050b7fcd1cfd5bcf925f1e4c0bc57c9b8554f51625a2eb68cc3e9e5f6ae2bb827b593ef5efe00487823c96175a291780
- SSDEEP
  
  3072:DLYxtjCSEEV+5hr+xWDOPRx9Fq51uUOypn:vCub++5hqxWyPRx9Fq51uUOypn
Score

7^/10
- Writes DNS configuration
  Writes data to DNS resolver config file.
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Dynamic Resolution

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy