Experts at the CSE Cybsec Z-Lab have found a Gafgyt variant implementing the VanillaUPX technique recently presented in a cybersecurity conference. This specific version implements some advanced packing techniques that make the static analysis much harder. Malware Must Die leader @unixfreaxjp presented the sophisticated technique at the recent Radare conference (r2con2018) in his talk about the VanillaUPX technique. The report includes a detailed analysis of the malware.”]
Source: https://securityaffairs.co/wordpress/76362/malware/gafgyt-bot-nup-technique.html