Overview

overview

10

Static

static

10

fcee35d3c0...cb.elf

debian-9-armhf

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    355c9ae415faba668e05ba70f6599c7e.bin

  • Size

    94KB

  • MD5

    e2e89f91da49b50085fe626d1642ab63

  • SHA1

    71f30a518c57b7fbe7ac3282f71d982b1bac3fdb

  • SHA256

    c05528d79e4e9679b3b301da11340113828c95abcc56ef214c0ee3a1e0bdc254

  • SHA512

    2432cdd22dbe26f94c5031e8893f999c589650137cb28e18769fe099c9f9664bdb2ebf58470efb8efaf8f21c27ec70dc644242ed7e6049512174c155c16969f9

  • SSDEEP

    1536:NJB2Yc/+v5Ke/+HeHuZ1vfwavaj9cySFT/baqrj4hJVx7BBVtZo57g+p4oITUtEV:NnJJwvacyYTffkTx7BNi7xGfUt/o9x

Score
10/10
enemybotgafgyt

Malware Config

Extracted

Family

gafgyt

C2

239.255.255.250:1900

Signatures

  • Detected Gafgyt variant 1 IoCs
  • Enemybot family
    enemybot
  • Gafgyt family
    gafgyt
  • family_enemybot 1 IoCs

    EnemyBot payload

Files

  • 355c9ae415faba668e05ba70f6599c7e.bin
    .zip

    Password: infected

  • fcee35d3c0fd9f68582c8d11bfc133ccb7559053282f859b6c4cab1f38b5ddcb.elf
    .elf linux arm