Extracted

• • Target

    bins.sh

  • Size

    1KB

  • MD5

    d588d0b22dad3b7798f9b2bf95da8cef

  • SHA1

    014c3611137341068b4ca0bcceb877292951c8f4

  • SHA256

    13812257a0e69ebd845f474473a63f956293186d5ec5ee9cc7564369b2fcf2b8

  • SHA512

    f75477828c57c12b1e934366e1e70e314da13330087e8279412d22f8a6215d4d2b24c34d94ee028403987db6d9b5f57c249c445a44f046861aeecb91bedd21f5

  Score

  10^/10

  gafgytbotnetdefense_evasiondiscovery

  • Detected Gafgyt variant

  • Gafgyt family

    gafgyt

  • Gafgyt/Bashlite

    IoT botnet with numerous variants first seen in 2014.

    botnetgafgyt

  • File and Directory Permissions Modification

    Adversaries may modify file or directory permissions to evade defenses.

    defense_evasion

  • Executes dropped EXE

  • Reads system routing table

    Gets active network interfaces from /proc virtual filesystem.

    discovery
  behavioral1behavioral2behavioral3behavioral4