Behavioral task
behavioral1
Sample
35ade707e40b3adfff9d45e1b8889c26cc81673e132f9573096ca4016db59be2.elf
Resource
debian9-armhf-20240418-en
2 signatures
150 seconds
General
Target
73ad848f69ea50a7bfb307834658ea1462d24ecd0eb0a34fc448686c657afb6d
Size
82KB
MD5
bfffafda1008732610c6525b1cd7ae0b
SHA1
571dcbdcadbce44732328cd80a61b4dbc83a9ddb
SHA256
73ad848f69ea50a7bfb307834658ea1462d24ecd0eb0a34fc448686c657afb6d
SHA512
0ce02ce1c17b658d0419882950311d90fdd2b58708ec2798b8fcadfaad539d9c66682c1fa084a702c68ddce2aa6d0d4f9864cd7006939e87ada9e757a43ffa8a
SSDEEP
1536:4PWHXMAFfLwJZVf3F6UV0UhDoYK/iKSd9MhKESjcGO6s1xWE3zOi:4q86fsJ7gOh+zSdu0EmTinWE3zh
Score
10/10
Malware Config
Extracted
Family
gafgyt
C2
62.72.191.203:777
Signatures
Detected Gafgyt variant 1 IoCs
Processes:
resource yara_rule static1/unpack001/35ade707e40b3adfff9d45e1b8889c26cc81673e132f9573096ca4016db59be2.elf family_gafgyt -
Gafgyt family
Files
73ad848f69ea50a7bfb307834658ea1462d24ecd0eb0a34fc448686c657afb6d.zip
Password: infected
35ade707e40b3adfff9d45e1b8889c26cc81673e132f9573096ca4016db59be2.elf.elf linux arm