gafgyt | c977d2cd4f7b6099d9a26b0bdc6b928bf6bb585146c47a7f75720a30f0e081e9 | Triage

Submit
Reports

Overview

overview

Static

static

7e6bbf7c20...bc.elf

ubuntu-22.04-amd64

6

Sharing

General

Target

7e6bbf7c20bbececd9411b74fcec3fbc.elf
Size

106KB
Sample

240705-jrjdysvcqq
MD5

7e6bbf7c20bbececd9411b74fcec3fbc
SHA1

f6804e818bea0cc19fe74993c2f0fb0cfd5c7f13
SHA256

c977d2cd4f7b6099d9a26b0bdc6b928bf6bb585146c47a7f75720a30f0e081e9
SHA512

28868ce06849ae878147e4510324ccca090bc97fe3f1ad0fb4a9ae380a4a3affe22a011cfd4c6cba49cd4c53c2d78e0dfdb8cdae1360d0d9b26ad1d3a95343c2
SSDEEP

3072:j6dye4BmJQCphaZw/1vc45AzkSXmdRWaLHgb4:dCphaZcErmdRWaDgb4

Score

10^/10

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

7e6bbf7c20bbececd9411b74fcec3fbc.elf

Resource

ubuntu2204-amd64-20240611-en

ubuntu-22.04-amd64

2 signatures

150 seconds

Malware Config

Extracted

Family

gafgyt

C2

164.90.201.215:4258

Targets

- Target
  
  7e6bbf7c20bbececd9411b74fcec3fbc.elf
- Size
  
  106KB
- MD5
  
  7e6bbf7c20bbececd9411b74fcec3fbc
- SHA1
  
  f6804e818bea0cc19fe74993c2f0fb0cfd5c7f13
- SHA256
  
  c977d2cd4f7b6099d9a26b0bdc6b928bf6bb585146c47a7f75720a30f0e081e9
- SHA512
  
  28868ce06849ae878147e4510324ccca090bc97fe3f1ad0fb4a9ae380a4a3affe22a011cfd4c6cba49cd4c53c2d78e0dfdb8cdae1360d0d9b26ad1d3a95343c2
- SSDEEP
  
  3072:j6dye4BmJQCphaZw/1vc45AzkSXmdRWaLHgb4:dCphaZcErmdRWaDgb4
Score

6^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy