Behavioral task: behavioral1
Sample: b4ca701c5b421f5dc01156234fc0bd96f859394fa6f1cdfd5c71e990f3d906e8.elf
Resource: debian9-armhf-en-20211208
debian-9-armhf
2 signatures
150 seconds
General
Target: 1644cb4cd17f741805607d0bad38e89e.bin
Size: 51KB
MD5: 3f7527fa7f042e7216da6389dcc5b563
SHA1: beafdc5666626b95afd4aeacdcb5b00caf270b8e
SHA256: ad01a843ec5fcaa5ac6bbd6a6e633adde6d3f8d7730427410a711a406b44ff7a
SHA512: 74f662ebaeef328820d12079eaf94e80cd9b3907f83b651249474d71ebc14fe0e086148a1b5e0cb5d0bb95b20926c9f2c1198ddcf503957eea00c661a0178daa
SSDEEP: 768:7TtY8DYOUc33WIfHJ3PDYBeajhYixBc9jA8Adf7oo82+LmcY72Yr/vfG7BrfxrN4:7Tt1MWHhPZUuijc5+dWLmcY6YryDdNYP
Score: 10/10
Malware Config
Signatures
Detected Gafgyt variant 1 IoCs
Processes:
resource yara_rule static1/unpack001/b4ca701c5b421f5dc01156234fc0bd96f859394fa6f1cdfd5c71e990f3d906e8.elf family_gafgyt -
Gafgyt family
Files
1644cb4cd17f741805607d0bad38e89e.bin.zip
Password: infected
b4ca701c5b421f5dc01156234fc0bd96f859394fa6f1cdfd5c71e990f3d906e8.elf.elf linux arm