MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 0416ddc1fc217c77af16c69b5385788c77dda2c2f13c612934661f9e96b7681f. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Gafgyt


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments 1
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 0416ddc1fc217c77af16c69b5385788c77dda2c2f13c612934661f9e96b7681f
SHA3-384 hash: e4898c56a4c9ba02e918ca6a41513375a255df60e1598f00ddeec7ad312be153f5e559d2c6ccf0ae9524695dd08a7de0
SHA1 hash: 02f9b678cf845ebee5c22b3ffb5b3f2d1e4dd6dc
MD5 hash: 39455549127e4f3b2c844f085c6538f8
humanhash: table-single-freddie-maryland
File name:39455549127e4f3b2c844f085c6538f8
Download: download sample
Signature Gafgyt
Create hunting rule
File size:35'184 bytes
First seen:2021-12-22 05:52:44 UTC
Last seen:Never
File type: elf
MIME type:application/x-executable
ssdeep 768:9bz4xUxLvLQ6M8HkEwSwryp/FgAzUb0zdwO+no4uVcqgw02TWXL:B4xUx7LQ6XkEwSwryDggUYzdwZo4u+qG
TLSH T197F2E152F0AB0C81C8F59DF24FC6EFD4DBB112E197909A56A0B8BF461812933179459F
Reporter zbetcheckin
Tags:32 elf gafgyt powerpc

Intelligence

File Origin
# of uploads :
1
# of downloads :
104
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
Unix.Trojan.DarkNexus-7679166-0
Create hunting rule

Unix.Trojan.Mirai-7666587-0
Create hunting rule

Verdict:
Likely Malicious
Threat level:
  7.5/10
Confidence:
67%
Tags:
anti-debug gafgyt mirai
Link:
https://www.filescan.io/uploads/61c2bd3fec6c6c14a9e94af6/reports/f8da0a90-ba1d-45d6-b4f9-ee1e458e02c2/overview
Result
Verdict:
UNKNOWN
Verdict:
Malicious
Link:
https://analyze.intezer.com/analyses/bd07177d-4baf-4426-9428-c698c4d12e6b
Result
Threat name:
Unknown
Detection:
malicious
Classification:
n/a
Score:
48 / 100
Link:
https://www.joesandbox.com/analysis/911380
Signature
Multi AV Scanner detection for submitted file
Behaviour
Behavior Graph:
Download SVG
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/0416ddc1fc217c77af16c69b5385788c77dda2c2f13c612934661f9e96b7681f/
Threat name:
Linux.Trojan.Gafgyt
Create hunting rule
Status:
Malicious
First seen:
2021-12-22 05:53:09 UTC
File Type:
ELF32 Big (Exe)
AV detection:
12 of 23 (52.17%)
Threat level:
  5/5
Result
Malware family:
n/a
Score:
  1/10
Tags:
linux
Link:
https://tria.ge/reports/211222-gla5aafgfr/
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Suspicious File
Score:
0.38
Link:
https://yomi.yoroi.company/submissions/0416ddc1fc217c77af16c69b5385788c77dda2c2f13c612934661f9e96b7681f

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Gafgyt

elf 0416ddc1fc217c77af16c69b5385788c77dda2c2f13c612934661f9e96b7681f

(this sample)

  
Delivery method
Distributed via web download
  
URLhaus
https://urlhaus.abuse.ch/url/1909523/

Comments


Avatar
zbet commented on 2021-12-22 05:52:45 UTC

url : hxxp://209.141.42.170/SBIDIOT/ppc