Behavioral task
behavioral1
Sample
bc60466878ac1a81a15d4d1e967f6015dc8082a38ef3e0e28e105231cfe62872.elf
Resource
debian9-armhf-20231221-en
3 signatures
150 seconds
General
Target: 44aa5f6a6ba7e35064dbde8a538ce010.bin
Size: 70KB
MD5: 569168595eeb2a8dc76a9b8890712400
SHA1: ce84d8506149806f72631c18528303ebe193aa53
SHA256: 27421b0d3fe1b379fa1486ff5d969f32940849894f4f6febe664ff45dc3221c4
SHA512: f46772f57a574ed0496873f84f8f5c0283cec39ccd14faa6cfaf0ebbbfc3dcb5ec7a0396b97bc4682b6f7087122d6417e500f3f9e6ad121ebabfedb3b6dd7a73
SSDEEP: 1536:LdnbSbREkBirZqtUYRRAB1MZpwMRpF3+OepXK+HRXzf/s6a4vq+X8YnN54aK9t:LdnmbREkYg1RABiLwEuLKCRDfE6Tq/Y4
Malware Config
Extracted
Family: gafgyt
C2: 193.35.18.187:64599
Signatures
-
Detected Gafgyt variant 1 IoCs
resource yara_rule static1/unpack001/bc60466878ac1a81a15d4d1e967f6015dc8082a38ef3e0e28e105231cfe62872.elf family_gafgyt -
Gafgyt family
-
resource yara_rule static1/unpack001/bc60466878ac1a81a15d4d1e967f6015dc8082a38ef3e0e28e105231cfe62872.elf upx
Files
-
44aa5f6a6ba7e35064dbde8a538ce010.bin.zip
Password: infected
-
bc60466878ac1a81a15d4d1e967f6015dc8082a38ef3e0e28e105231cfe62872.elf.elf linux arm