General

  • Target

    bins.sh

  • Size

    1KB

  • Sample

    250203-kfcmpswmav

  • MD5

    202fafde5b2c6cd0b2548109a608c775

  • SHA1

    8872cccf4cfe65381ec53cebf811e1b8e7d11cd5

  • SHA256

    4968ba801674176e9d07c54ed20f199c123ece3c0c4082ee35a3ff4d7ee00471

  • SHA512

    3c3f2e2d23ce7e19840c7bfb03d1f105d226cda0e59eee1fd8350f1b91002ac785d79a168acb22e3bd99ef180ae0f6e79905804a120dd7b078601e5d24656413

Malware Config

Extracted

  • Family

    gafgyt

  • C2

    185.237.15.131:666

Targets

    • Target

      bins.sh

    • Detected Gafgyt variant

    • Gafgyt family

    • Gafgyt/Bashlite

      IoT botnet with numerous variants first seen in 2014.

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Executes dropped EXE

MITRE ATT&CK Enterprise v15
