Behavioral task: behavioral1
Sample: fadbd5bb4898910ab38768fce0aaa4f3523a5edc67db24b0203cbf6b3a236a52.elf
Resource: ubuntu1804-amd64-en-20211208

Behavioral task: behavioral2
Sample: fadbd5bb4898910ab38768fce0aaa4f3523a5edc67db24b0203cbf6b3a236a52.elf
Resource: debian9-armhf-20221111-en

Behavioral task: behavioral3
Sample: fadbd5bb4898910ab38768fce0aaa4f3523a5edc67db24b0203cbf6b3a236a52.elf
Resource: debian9-mipsbe-en-20211208

Behavioral task: behavioral4
Sample: fadbd5bb4898910ab38768fce0aaa4f3523a5edc67db24b0203cbf6b3a236a52.elf
Resource: debian9-mipsel-20221111-en
General
Target: 5383e7186328059909a7d1231dde3534.bin
Size: 39KB
MD5: a28d73a9b40ac48c28c9d377d95f1479
SHA1: 2e4304532870f21065f477ed077483a010ff0927
SHA256: bd9d93523c22ae28b7d8e245c40c0cd26638b97b2276e3bd7edfb66649677612
SHA512: a43b37cf0a704047e66e8da74dcc4fc7a190d66fe31a4abc309f65c006f87f2734d4544a4950982fa522f26132d7e7f44bdbdc98b001311234470d6a09e30cee
SSDEEP: 768:mabk/3SsHaDXLhbMVaDH22Eq+/BkL1ZijvGjcRtJ4B74mZiUeVk:maaVQdwVab22FLm+jarypiDVk
Malware Config
Extracted
gafgyt
43.153.37.45:707
Signatures
Detected Gafgyt variant 1 IoCs
Processes:
resource: static1/unpack001/fadbd5bb4898910ab38768fce0aaa4f3523a5edc67db24b0203cbf6b3a236a52.elf
yara_rule: family_gafgyt
Gafgyt family
Files
5383e7186328059909a7d1231dde3534.bin.zip
Password: infected
fadbd5bb4898910ab38768fce0aaa4f3523a5edc67db24b0203cbf6b3a236a52.elf.elf linux ppc