Behavioral task
behavioral1
Sample
6b9d952a795b8c40c6f0a656e2eca1d65369376d1e4ddbbfd8bc0257e34d6f66.elf
Resource
debian12-armhf-20240221-en
debian-12-armhf
0 signatures
150 seconds
General
Target: ea8db47526399595ac862127833cad22.bin
Size: 40KB
MD5: 22515de0dae0e374140a42a1f5f72c81
SHA1: 2e5232e997d044de24fc551ff056c075611e59ed
SHA256: 1222be9142a4a5befc53b7cc16715ca609a4fd56bf83bb31fd066f73280b4b20
SHA512: 030a21f0dbf2e95f586b91e233c238df16bdb5d8ea6ac8537e1970c7e8134d84677bd4e139c3dbc24e0859c3d30278be3b1797b30c8f343b094a9b4117600f82
SSDEEP: 768:J0C9UfHlsQOTeyrtkprMQM1rhaDoFMBvqgYkFB3PmaaoUKaxvFzAzxVay:CoTe8+zMZ3MBrxfmaNumV
Score: 10/10
Malware Config
Extracted
Family: gafgyt
C2: 193.233.252.242:4258
Signatures
Detected Gafgyt variant 1 IoCs
resource yara_rule static1/unpack001/6b9d952a795b8c40c6f0a656e2eca1d65369376d1e4ddbbfd8bc0257e34d6f66.elf family_gafgyt
Gafgyt family
Files
ea8db47526399595ac862127833cad22.bin.zip
Password: infected
6b9d952a795b8c40c6f0a656e2eca1d65369376d1e4ddbbfd8bc0257e34d6f66.elf.elf linux arm