Behavioral task
behavioral1
Sample
d2efc40937befc168f8d8c4c985a3375184c6c8db577cb926e51cd00243499e5.elf
Resource
debian9-mipsel-en-20211208
debian-9-mipsel
2 signatures
150 seconds
General
Target: 3832a7cfc035c66d84614505865e6041.bin
Size: 42KB
MD5: c05e10fdfa23ac0fd4b908d73d0d58ff
SHA1: 9189b1ecd959ea814a597d4088683ea85fbc50f2
SHA256: 953d0ec2cbdcab645fdf93b1f9a7173be3f84f7f0a30220fb2bae85430ca1f3c
SHA512: 0ce5c7de3bc80a247bbb7bfc8ac0034ea7484090aea69a70e1d4b2076924ceb7179c6a0d80fa0785121aa3915ed67cbd029736b3c5fb6fb381e016826040ef3d
SSDEEP: 768:lTBle3uP8QuoPORblq2Oln8xOGANLc4DAa/7nXZ5d64On0X1mWF437wxWL8zhSAi:9nruUORbI2KnQQDAonJZOnw1Lfgu0l
Score: 10/10
Malware Config
Extracted
Family: gafgyt
C2: 43.153.37.45:707
Signatures
Detected Gafgyt variant 1 IoCs
Processes:
resource yara_rule static1/unpack001/d2efc40937befc168f8d8c4c985a3375184c6c8db577cb926e51cd00243499e5.elf family_gafgyt -
Gafgyt family
Files
3832a7cfc035c66d84614505865e6041.bin.zip
Password: infected
d2efc40937befc168f8d8c4c985a3375184c6c8db577cb926e51cd00243499e5.elf.elf linux mipsel