Overview

overview

10

Static

static

10

180989d6d8...ef.elf

debian-9-armhf

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    02e8929813570f32ccd84df7363f99cb.bin

  • Size

    86KB

  • MD5

    314f953d9b6064c1deb4c388a2b9a0b1

  • SHA1

    956fca426d4653f88abfd226b5a09435620ebffc

  • SHA256

    ce74d8df6f682090add7ce1266c95a6d0ed7ff791c0ec6e91a5347ab3d6a7be1

  • SHA512

    d93a83c4b474ea1ddd5862ee6e780d4a9fa87e32d3c5de3d18a88edbd6788053df0b363abb9c337affaeb14b01accb7fd315c8a314e7a93942b6ff54602cac4b

  • SSDEEP

    1536:t2hH5imsWRXOxTnh3Z2bMDYfE39QgUsEBzXIxhVHGBJHR7GYbuyd7z41FSOlYmRu:t2Z5iARGnh3QbtfsKgz8ExhVmF71c1Il

Score
10/10
enemybotgafgyt

Malware Config

Extracted

Family

gafgyt

C2

239.255.255.250:1900

Signatures

  • Detected Gafgyt variant 1 IoCs
  • Enemybot family
    enemybot
  • Gafgyt family
    gafgyt
  • family_enemybot 1 IoCs

    EnemyBot payload

Files

  • 02e8929813570f32ccd84df7363f99cb.bin
    .zip

    Password: infected

  • 180989d6d886af835ae4584b6047fe4887dedb4a875438d0d124f72aaa29caef.elf
    .elf linux arm