General
-
Target
bins.sh
-
Size
1KB
-
Sample
240803-fhdwbstfkl
-
MD5
0019152fa30c6a1f5babd6dc28ff797f
-
SHA1
06fbe116674f61cccd777f807c072569373c93ef
-
SHA256
de36953ab2dd21eecd40090cdc4bdd7add909897c8835f20742df47d413cf7d3
-
SHA512
14fda525ebe67725117dd3187168e9b0aba4c79d1d10133c204406ab217a7a88cab2a982761ba2f5bbd71afbed4af6b70327acf071ec4c50433de529287af1db
Static task
static1
Behavioral task
behavioral1
Sample
bins.sh
Resource
ubuntu1804-amd64-20240611-en
Behavioral task
behavioral2
Sample
bins.sh
Resource
debian9-armhf-20240611-en
Behavioral task
behavioral3
Sample
bins.sh
Resource
debian9-mipsbe-20240418-en
Malware Config
Extracted
gafgyt
93.123.85.216:39
Targets
-
-
Target
bins.sh
-
Size
1KB
-
MD5
0019152fa30c6a1f5babd6dc28ff797f
-
SHA1
06fbe116674f61cccd777f807c072569373c93ef
-
SHA256
de36953ab2dd21eecd40090cdc4bdd7add909897c8835f20742df47d413cf7d3
-
SHA512
14fda525ebe67725117dd3187168e9b0aba4c79d1d10133c204406ab217a7a88cab2a982761ba2f5bbd71afbed4af6b70327acf071ec4c50433de529287af1db
-
Detected Gafgyt variant
-
Executes dropped EXE
-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-