Behavioral task: behavioral1
Sample: 3441b0320fe7ff51f243a71250ec19502a2a2cc7d4ca41247483c791be61d1f1.elf
Resource: ubuntu1804-amd64-en-20211208
ubuntu-18.04-amd64
2 signatures
150 seconds
General
Target: 4544b40ca36171545258a459a4f7998b.bin
Size: 40KB
MD5: cdd4fa3dff3b972db77b4f19688297bf
SHA1: 9dd49ec5af602ade685b855689b21175a8909a5b
SHA256: b204fd59ab029a910225508ac0a58b9a21ff849852faa8bdee45ae90dcce9687
SHA512: caf3adcfebb6ab70e3aec3881fdc9fbe618a6a942acf4f4b711f724e9ac8044f663dac322e96e8d0ca6c1a8ad3063b5237563d42da85ad5579e3802810b34050
SSDEEP: 768:RCiMH743n7yUpB9LAd4Z3OsE16W0es0nJrBq5XZF94cGRZlIKqOvBxe8:R/MHEhpLg44gryA5XaRZSKqGT
Score: 10/10
Malware Config
Extracted
Family: gafgyt
C2: 5.249.162.136:4258
Signatures
Detected Gafgyt variant 1 IoCs
Processes:
resource yara_rule static1/unpack001/3441b0320fe7ff51f243a71250ec19502a2a2cc7d4ca41247483c791be61d1f1.elf family_gafgyt -
Gafgyt family
Files
4544b40ca36171545258a459a4f7998b.bin.zip
Password: infected
3441b0320fe7ff51f243a71250ec19502a2a2cc7d4ca41247483c791be61d1f1.elf.elf linux x64