Extracted

• • Target

    shell.sh

  • Size

    327B

  • MD5

    be3860edd084c6394d9894627d926283

  • SHA1

    0084acbf7a34fece5ee66fd63b64234d5d2238d8

  • SHA256

    d1f89f4c630323b37a6f669903f2e617a0616052c4b900e33d0b9eb41084514f

  • SHA512

    06440f218923e2062a940299d2386762eb228d87a5407430191733865e122a0cb4a5c076b07ff9b5547933b80653555cbfcfc4b7d31eedcc6f132372d6be105a

  Score

  10^/10

  gafgytbotnetdefense_evasiondiscoveryupx

  • Detected Gafgyt variant

  • Gafgyt family

    gafgyt

  • Gafgyt/Bashlite

    IoT botnet with numerous variants first seen in 2014.

    botnetgafgyt

  • File and Directory Permissions Modification

    Adversaries may modify file or directory permissions to evade defenses.

    defense_evasion

  • Executes dropped EXE

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2behavioral3behavioral4