General
Target
SnOoPy.sh
Size
2KB
Sample
241203-16rsbaxkaw
MD5
8ea1e7d08dd0cf52bbdddc3222e9b8af
SHA1
f031a227d961d83fc0083c4b5b7b4ccdfe64e711
SHA256
2884954c3ee63cc245def342b3946b24b0aa2cbaebf7d6b2c5a8fd009760a469
SHA512
1be9d8a04c9b95e9e07c6fad4ae90a160219b05d0bf4b77578ac7dee91b5f336688ac792aab88cc78b5923963e1c9bacf8c0407fc22119041e9def0f217800da
Static task
static1
Behavioral task
behavioral1
Sample
SnOoPy.sh
Resource
ubuntu1804-amd64-20240611-en
Behavioral task
behavioral2
Sample
SnOoPy.sh
Resource
debian9-armhf-20240611-en
Behavioral task
behavioral3
Sample
SnOoPy.sh
Resource
debian9-mipsbe-20240611-en
Behavioral task
behavioral4
Sample
SnOoPy.sh
Resource
debian9-mipsel-20240226-en
Malware Config
Extracted
gafgyt
192.3.179.33:23
Targets
Target
SnOoPy.sh
Score
10/10
Detected Gafgyt variant
Gafgyt family
File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.
Executes dropped EXE