Behavioral task: behavioral1
Sample: 97cf5198be05d13e85a49e4720b2050f2af110ae775bcd6c180391e8853ecd7f.elf
Resource: debian9-armhf-20240226-en
3 signatures
150 seconds
General
Target: 97cf5198be05d13e85a49e4720b2050f2af110ae775bcd6c180391e8853ecd7f.zip
Size: 67KB
MD5: a1a719bb795a25b975d69241fe522ae2
SHA1: 23eff1b3143778eafbd7a58ee296128fd9c7a2fb
SHA256: 89ce0b023e9050db5e97d720d7154ec534d9a288c887cda09fdf134730d5abcd
SHA512: 689bc78062de61c335b2e08113f3bd07d21e4ad615688ad995918aaf5a0ae91f47b231813a70aa5affb8206c64a52770f678e8b5b6a8632f22096e92a834c1de
SSDEEP: 1536:537yXDDWQ6pWVJ/+44mffUMEZe/l+PGuwqzCY8fLLeEUK8s3SNUMkxbz:53OXDDW23/+nmffpEZeYPGuwqWY8fLiy
Malware Config
Extracted
Family: gafgyt
C2: 193.35.18.56:65490
Signatures
- Detected Gafgyt variant (1 IoCs)
  resource yara_rule static1/unpack001/97cf5198be05d13e85a49e4720b2050f2af110ae775bcd6c180391e8853ecd7f.elf family_gafgyt
- Gafgyt family
- resource yara_rule static1/unpack001/97cf5198be05d13e85a49e4720b2050f2af110ae775bcd6c180391e8853ecd7f.elf upx
Files
- 97cf5198be05d13e85a49e4720b2050f2af110ae775bcd6c180391e8853ecd7f.zip.zip
  Password: infected
- 97cf5198be05d13e85a49e4720b2050f2af110ae775bcd6c180391e8853ecd7f.elf.elf linux arm