Behavioral task
behavioral1
Sample
d79e1eb068b581fe251962141daf5fdfd37543e822af0586eab2e0ab928ac2df.elf
Resource
debian9-armhf-20240226-en
2 signatures
150 seconds
General
Target
ac3fa77ce543de94459eec7e6c2466be.bin
Size
69KB
MD5
6c8ccec2ee303136c4584e4fb9795a51
SHA1
7c55528057ebb49ce4a723138250a1884d140105
SHA256
b0ef491d28635041d89b4b999d92dc8fae57cdc03897913ecd295c320fe34d20
SHA512
d828c2811783ce3dca8545f902a174dca8e0964985865707a912e3f627ce0805bf737e63c68c72889d0224db437bad874956f948f9a93dea510ed2d51aa84feb
SSDEEP
1536:VRiu/mMuZTgvxc/ggWjLY4n/WvowF4oIj4g9OIudkiTo2X:yImMuFgvxXgWPr79E6iM2X
Score
10/10
Malware Config
Extracted
Family
gafgyt
C2
91.92.244.11:19302
Signatures
Detected Gafgyt variant 1 IoCs
resource yara_rule static1/unpack001/d79e1eb068b581fe251962141daf5fdfd37543e822af0586eab2e0ab928ac2df.elf family_gafgyt -
Gafgyt family
Files
ac3fa77ce543de94459eec7e6c2466be.bin.zip
Password: infected
d79e1eb068b581fe251962141daf5fdfd37543e822af0586eab2e0ab928ac2df.elf.elf linux arm