Extracted

• • Target

    ba18aff2c29cbe926a950c505310cbcee46e1b2e5fd38b08e8be5000e90301a5.sh

  • Size

    3KB

  • MD5

    2f17e8a3d3c383fa8eed2871c745febf

  • SHA1

    73ee845d24d3ae45e47c3f230f96fe5e81ef30ff

  • SHA256

    ba18aff2c29cbe926a950c505310cbcee46e1b2e5fd38b08e8be5000e90301a5

  • SHA512

    22c3a116f062889ad1bef07e20c9fab2cf1fd1993a4435eae385a28d5bbaf02569b08c1fd98022427e14fa44208201913ef4382a9f1921f544512cb9a1f7ca08

  Score

  10^/10

  gafgytbotnetdefense_evasiondiscovery

  • Detected Gafgyt variant

  • Gafgyt family

    gafgyt

  • Gafgyt/Bashlite

    IoT botnet with numerous variants first seen in 2014.

    botnetgafgyt

  • File and Directory Permissions Modification

    Adversaries may modify file or directory permissions to evade defenses.

    defense_evasion

  • Executes dropped EXE

  behavioral1behavioral2behavioral3behavioral4