Overview

overview

10

Static

static

10

8bfbd5faf2...6a.elf

debian-9-armhf

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    8f0ef21b5de9e86fb84f39100d232d31.bin

  • Size

    89KB

  • MD5

    36b101b3a1e6a6cb40af6bc21c05749f

  • SHA1

    2dc49b8d24c3a7190b2e21aa4df86fe418999687

  • SHA256

    74586ff5fdfb9e3afec8d962afd021eef89d7c3bec0fade8715e442b6c904f53

  • SHA512

    3acf29ecf23a57d2b2e0a7f9f382459e578a2a6c2575b1616ea0b08a18f092917e1d6e7da0b2eaabcd261852cf6c7915899f1856d7d5cee21c497d36cb8526dd

  • SSDEEP

    1536:4+r2bMJmQMVi1gIIhKDlVySLtKPzLAjWWnjEjn5p/+3O7cTtF53Fct0E6UyXn:BrCTQSi1RIcDqqqzLAjznwjn/vYTtnP7

Score
10/10
enemybotgafgyt

Malware Config

Extracted

Family

gafgyt

C2

239.255.255.250:1900

Signatures

  • Detected Gafgyt variant 1 IoCs
  • Enemybot family
    enemybot
  • Gafgyt family
    gafgyt
  • family_enemybot 1 IoCs

    EnemyBot payload

Files

  • 8f0ef21b5de9e86fb84f39100d232d31.bin
    .zip

    Password: infected

  • 8bfbd5faf2dd2dfb76e60c14d010fbf1bcbe980950528709ceac4edc9f003c6a.elf
    .elf linux arm