General

  • Target

    c8b022cadda8194efec5e406407bd407.bin

  • Size

    93KB

  • MD5

    34b33cbdcc5864de82b56a133ea0ff8b

  • SHA1

    b1ca49e6a2f15152ca5246d9a5f78fbe877a3b47

  • SHA256

    e9982d5a9cb7ab696703d2a4bd4ed3b0e7600120af880a4529d4c57ad700a442

  • SHA512

    5e6f5472e586479c087e721ee7ee6d48689ce7cb6272382955e1f53ca7b5bb351c20405cd5d1588ecfb28dce771ecc975ddffde336387a669b4cf8af9783fa00

  • SSDEEP

    1536:Ztx8h8ROAS3FN3ayBFKrmDS4ZB3LTqvI/PlNjeLfBogaaFP2lQYL9:ZLhRO1FNZkgX3fqI/PlNqLLP2lQc

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

239.255.255.250:1900

Signatures

  • Detected Gafgyt variant (1 IoC)
  • Enemybot family
  • Gafgyt family
  • family_enemybot (1 IoC)

    EnemyBot payload

Files

  • c8b022cadda8194efec5e406407bd407.bin
    .zip

    Password: infected

  • 7e14f903d2476931d8adc1bfd537ac8aecc1f69e69d9e7155ccd6d28682347a9.elf
    .elf linux sh