Behavioral task: behavioral1
Sample: 5d259da8764e1df97d656fefcc956dde7be8ff3eaeab7dac1d311f6d50c74b48.elf
Resource: debian12-armhf-20240221-en
0 signatures
150 seconds
General
Target: 36b3f7221753757e6bc9f063825942b9.bin
Size: 41KB
MD5: 414121e78660084e9603db67c6331266
SHA1: 11d9e44a39a757fdb41d3ea61c5d11f21c652681
SHA256: 69ef7a47ba0885d07a8406b638fd3266d546ee0fd01152c8600c62308f5a24de
SHA512: d87e8789aabb6e44f90a47e219ed2e1b3711758f2a6b25c63479b47de47b3227e69a056ac44d70860651a5aef473b2ba7cc97b73e8076dde07b77ddd56ab5a11
SSDEEP: 768:zXV8T0F8G68MAr06xKueCmxpkGg87QvBBE8m7TYP/v2C3Qhx/Ogh:zXVV8Gl3mvgtvBBE8NP/eCA7V
Score: 10/10
Malware Config
Extracted
Family: gafgyt
C2: 5.253.246.12:23
Signatures
Detected Gafgyt variant 1 IoCs
resource: static1/unpack001/5d259da8764e1df97d656fefcc956dde7be8ff3eaeab7dac1d311f6d50c74b48.elf
yara_rule: family_gafgyt
Gafgyt family
Files
36b3f7221753757e6bc9f063825942b9.bin.zip
Password: infected
5d259da8764e1df97d656fefcc956dde7be8ff3eaeab7dac1d311f6d50c74b48.elf.elf linux arm