Behavioral task: behavioral1
Sample: b9eda552955cad506e63864da0e0425481c1e2847c2b1c436e64a45f0ccc9f2a.elf
Resource: debian9-armhf-20230831-en
2 signatures
150 seconds
General
Target: 5f3099bce697289d67159f6fcf6a7e0d.bin
Size: 66KB
MD5: 8a1c8a004b86e048303543618b09ccce
SHA1: f648c43151e035e511b5c96751b6f43fc9d4d649
SHA256: 841f300181b1087ed723e8465e260e10a9677120a2f298a04f70c1b0184f8c63
SHA512: e76bfe2adcec5f5505a90b3146f43ccc7e898c7fd4450a95ee58010ac63b66aa3ac58e77676761baac2d4680abbdaa1c4ddf3519b8949e8400138b5237f8bc13
SSDEEP: 1536:nsR/0axs92d9U+d0rhBNXQWCvzblkEJ7tCQ2fY5o5YUki:sOa292dO+i5C7eE75jqqUki
Score: 10/10
Malware Config
Extracted
Family: gafgyt
C2: 84.54.51.87:6969
Signatures
Detected Gafgyt variant 1 IoCs
resource yara_rule static1/unpack001/b9eda552955cad506e63864da0e0425481c1e2847c2b1c436e64a45f0ccc9f2a.elf family_gafgyt
Gafgyt family
Files
5f3099bce697289d67159f6fcf6a7e0d.bin.zip
Password: infected
b9eda552955cad506e63864da0e0425481c1e2847c2b1c436e64a45f0ccc9f2a.elf.elf linux arm