Extracted

• • Target

    sex.sh

  • Size

    1KB

  • MD5

    a70f4bc15c5b399de5c3f066f7185973

  • SHA1

    b901c9043ee387c820e412cf757e76a5d8ef019c

  • SHA256

    1909a407766d028d3c093472b44aa98c9e61892d552a28cd5a4fccbc3b08f1a5

  • SHA512

    39cd4a2de797d4b33f473ccc110e4a1fc670c3d015486572d91d73718e8a53d588b6056e28a5f0a1f78d25fa15ed9435410a57709e51f4388b50aee48f79d837

  Score

  10^/10

  gafgytbotnetdefense_evasiondiscovery

  • Detected Gafgyt variant

  • Gafgyt family

    gafgyt

  • Gafgyt/Bashlite

    IoT botnet with numerous variants first seen in 2014.

    botnetgafgyt

  • File and Directory Permissions Modification

    Adversaries may modify file or directory permissions to evade defenses.

    defense_evasion

  • Executes dropped EXE

  • Modifies Watchdog functionality

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    defense_evasion
  behavioral1behavioral2behavioral3behavioral4