Behavioral task: behavioral1
Sample: 9702dc811c05ceb5a80b465c966ab392dde2bf6442f59b8dddf1b5106577b1c7.elf
Resource: debian9-armhf-20221111-en
debian-9-armhf
2 signatures
150 seconds
General
Target: cf068be65e5cde6c25feb311671b0f30.bin
Size: 50KB
MD5: 0d956ebb86f97d2d792cd39d6ea3b85a
SHA1: da601d67df333f8000415754f49e94f5a6faf7e9
SHA256: 6c0cf5bf050c6980317757953f25a6595b8428709df3583a5e767da26f25c510
SHA512: 0a7d0ff2bea5b97b6c8b8f858d6a22f213349ee8f0695297a8f404d36c2afc686578a640e16ee10cba9bc11c306a482a0e2f0bc717c3848581dc8416b5aa79ab
SSDEEP: 1536:NVMZmLD4nc9rkDxCfND0WcH1pP66ZDiGuHXNVzXIUmpq1c:jmFnnDsfNFcny6ViG2XNPmpSc
Score: 10/10
Malware Config
Extracted
Family: gafgyt
C2: 43.153.37.45:707
Signatures
Detected Gafgyt variant 1 IoCs
Processes:
resource yara_rule static1/unpack001/9702dc811c05ceb5a80b465c966ab392dde2bf6442f59b8dddf1b5106577b1c7.elf family_gafgyt -
Gafgyt family
Files
cf068be65e5cde6c25feb311671b0f30.bin.zip
Password: infected
9702dc811c05ceb5a80b465c966ab392dde2bf6442f59b8dddf1b5106577b1c7.elf.elf linux arm