Behavioral task
behavioral1
Sample
3c7dfa7bd2bd84da4d5be3357806bbc792428bb82a5acb0f350c01affd1a7a8f.elf
Resource
debian9-armhf-20231026-en
2 signatures
150 seconds
General
Target
26cddf73479495f6077a75045d8dc8ab.bin
Size
44KB
MD5
6e602c34142d21ba88038dd519f6117a
SHA1
0d75eac477d8135b9f483c1779480d6e8df67f85
SHA256
2088d1b0071502b84a90934fb66dbed1266029201620642d229e1c09fdaaa930
SHA512
1eaf1d063f5dde1b35879d65b1813bf1a91e89db51517777bf84b2ff460b55d925ab7da27e26dcfd41af45c8e9f72b1dcfdde5ba6d5393c2e4c7f149a5900c6b
SSDEEP
768:1I2pqpLn8AG69BTzieAnzwvUl25EL8AMn9DqiS6enWr+TTYi8Dtjxb295WEI4:1I21AdDHbbM9IRhqiIWgYLDtjo95M4
Score
10/10
Malware Config
Extracted
Family
gafgyt
C2
103.29.2.134:12345
Signatures
Detected Gafgyt variant 1 IoCs
resource yara_rule static1/unpack001/3c7dfa7bd2bd84da4d5be3357806bbc792428bb82a5acb0f350c01affd1a7a8f.elf family_gafgyt -
Gafgyt family
Files
26cddf73479495f6077a75045d8dc8ab.bin.zip
Password: infected
3c7dfa7bd2bd84da4d5be3357806bbc792428bb82a5acb0f350c01affd1a7a8f.elf.elf linux arm