Behavioral task
behavioral1
Sample
c638e269af3c0def3fd3ecbac9d9991df4ed16924b548052928b9c9b14b80a44.elf
Resource
ubuntu1804-amd64-20231221-en
Behavioral task
behavioral2
Sample
c638e269af3c0def3fd3ecbac9d9991df4ed16924b548052928b9c9b14b80a44.elf
Resource
debian9-armhf-20231215-en
Behavioral task
behavioral3
Sample
c638e269af3c0def3fd3ecbac9d9991df4ed16924b548052928b9c9b14b80a44.elf
Resource
debian9-mipsbe-20231222-en
Behavioral task
behavioral4
Sample
c638e269af3c0def3fd3ecbac9d9991df4ed16924b548052928b9c9b14b80a44.elf
Resource
debian9-mipsel-20231215-en
General
Target
19ca6a62eb123c25835f72b1306e8955.bin
Size
54KB
MD5
cdbf529baaca42e57012069235f28281
SHA1
cd092d1d405c5fcc91ac6199d864c0dfae4b5785
SHA256
fd5b545c1cef8b1b3f2e07eaf8b37258dbbf015ccf838e754dbfceca24a87d6d
SHA512
74bcdc47c4f1ff7415b27bd7b73636e90f911fb0712ff42752f7925bfb05f610ec2ed381448e5349a6ac3ef932f240e78a882257a1fd689ae9d2bdf6a0518cd5
SSDEEP
1536:TCQO9xP+NnzffC7VARA2cqFFKBlfALDwW:Y4z3qCKe8BloLDl
Malware Config
Extracted
gafgyt
193.35.18.187:64599
Signatures
Detected Gafgyt variant 1 IoCs
resource yara_rule static1/unpack001/c638e269af3c0def3fd3ecbac9d9991df4ed16924b548052928b9c9b14b80a44.elf family_gafgyt
Gafgyt family
resource yara_rule static1/unpack001/c638e269af3c0def3fd3ecbac9d9991df4ed16924b548052928b9c9b14b80a44.elf upx
Files
19ca6a62eb123c25835f72b1306e8955.bin.zip
Password: infected
c638e269af3c0def3fd3ecbac9d9991df4ed16924b548052928b9c9b14b80a44.elf.elf linux sh