Overview

overview

10

Static

static

10

cd27206bfd...4b.elf

ubuntu-18.04-amd64

cd27206bfd...4b.elf

debian-9-armhf

cd27206bfd...4b.elf

debian-9-mips

cd27206bfd...4b.elf

debian-9-mipsel

Sharing

Copy URL
Twitter E-mail

General

  • Target

    aec11ee194130a76c27925eac83e3fd6.bin

  • Size

    82KB

  • MD5

    019c9257459268f3d3fffb855bc42ef2

  • SHA1

    6b7aa3612af870944ce461c3f46f90842c50d92f

  • SHA256

    c5e735bf9dc6306767304e734f7d8bc8f51e0f5724b601a9e6fc95c02fe5ab70

  • SHA512

    2946e521f3c4f79d35a3cf0449f21cdc2b8a0bf6137c458d6ea8562294300049f999406f74bd9700bbd89c9b9b4a87f9c66b9843ad871b3c26a739c7587e36f5

  • SSDEEP

    1536:+zw+BAEgtwYPTqvP5tDrUlwCGYAyHHSUMuIkLFsGckR:+LTgtXbBimHHSUMrEFPckR

Score
10/10
enemybotgafgyt

Malware Config

Extracted

Family

gafgyt

C2

239.255.255.250:1900

Signatures

  • Detected Gafgyt variant 1 IoCs
  • Enemybot family
    enemybot
  • Gafgyt family
    gafgyt
  • family_enemybot 1 IoCs

    EnemyBot payload

Files

  • aec11ee194130a76c27925eac83e3fd6.bin
    .zip

    Password: infected

  • cd27206bfdcc025100d095572301c8f7def4e922263ede85cd51b4299c1e4e4b.elf
    .elf linux ppc