General
Target: gtop.sh
Size: 2KB
Sample: 241225-tc3t6axpgm
MD5: 297b82d777e2257fda8221703403b2d3
SHA1: d1ebd4f576bf89adcdf9453879c3ae2adeeb42ed
SHA256: 7080f56e8be79f89d154730ffb07e9d9f22bb754c6ee295548593245bc21a1af
SHA512: dc0fc05650eca6bde3d5b02568e68810c61e1b6b58f5bb31f4847ef4082cd63f7aae45db042ec4e7f659615e761dcd472c6b8e20abd6e8431a3bd0c0f2ecea81
Static task: static1
Behavioral task: behavioral1
Sample: gtop.sh
Resource: ubuntu1804-amd64-20240729-en
Behavioral task: behavioral2
Sample: gtop.sh
Resource: debian9-armhf-20240611-en
Behavioral task: behavioral3
Sample: gtop.sh
Resource: debian9-mipsbe-20240418-en
Behavioral task: behavioral4
Sample: gtop.sh
Resource: debian9-mipsel-20240226-en
Malware Config
Extracted
gafgyt
154.213.186.115:4444
Targets
Target: gtop.sh
Score: 10/10
Detected Gafgyt variant
Gafgyt family
File and Directory Permissions Modification: Adversaries may modify file or directory permissions to evade defenses.
Executes dropped EXE