Overview

overview

10

Static

static

10

0923a398e8...f8.elf

ubuntu-18.04-amd64

0923a398e8...f8.elf

debian-9-armhf

0923a398e8...f8.elf

debian-9-mips

0923a398e8...f8.elf

debian-9-mipsel

Sharing

Copy URL Twitter E-mail

General

  • Target

    66b70086c8d3a3f2f8a63b32583fabbf.bin

  • Size

    82KB

  • MD5

    3f125c34595ea11e20cc0dc504b0b3cb

  • SHA1

    0b0f799aa0d1052ab40181a0cf80ef0ad7389f62

  • SHA256

    62f229041eb58f46eea6336da9352f492754c43e089c5c3475c8ae901cfaac65

  • SHA512

    ab21a73a641403906397792d4a8d73e0be6fd4811d557275e2cb7e906520c4c7d598dc2173a5a2ab9d5d80cdefaeeeb3d6533050a5733f7710ef682125b4c476

  • SSDEEP

    1536:Q/a3a9Atm5u75ruDRV+47zsNJ0D+h9MZIFz9cbYTBJpfrmvimrFElt7LlFKKCa5:QfT5ulrb4/sNiDo9AIh9cEFqami//zfr

Score
10/10
enemybotgafgyt

Malware Config

Extracted

Family

gafgyt

C2

239.255.255.250:1900

Signatures

  • Detected Gafgyt variant 1 IoCs
  • Enemybot family
    enemybot
  • Gafgyt family
    gafgyt
  • family_enemybot 1 IoCs

    EnemyBot payload

Files

  • 66b70086c8d3a3f2f8a63b32583fabbf.bin
    .zip

    Password: infected

  • 0923a398e8c92bbd41fb4c75c8a8251d5984a2fe60d02f900c88dfa4af8901f8.elf
    .elf linux