gafgyt | 12c26af8392c86dc4fec416b9eab3162[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12c26af8392c86dc4fec416b9eab3162.bin
Size

50KB
MD5

31214bbbaaa111f1dd15f84ab905f872
SHA1

3441f06023dea544c23244727a241d18c5720d91
SHA256

4cb06d3c1b887dc80ae167bd0db05def330853607e124f49800273a9e59d0054
SHA512

87df5ccf9a226cd97167cb8004e97f3de092b6ad9d7d685f6db2daf823f6d0dbc48708676e09503d4955a56726117c9ad82a291f875771773377f90f5c91a732
SSDEEP

1536:WYJmSNffdAK0+FzFIoAvPT6QTpe7TQpqBYvU:XmSNXmK0QFkOQTg7pBD

Score

10^/10

gafgyt

Malware Config

Extracted

Family

gafgyt

C2

45.88.66.177:23

Signatures

Detected Gafgyt variant 1 IoCs

resource	yara_rule
static1/unpack001/649592adca3e5101328d9aa423c115f68640f044d268839d4488e930c9b4296c.elf	family_gafgyt

Gafgyt family
gafgyt

Files

12c26af8392c86dc4fec416b9eab3162.bin
.zip

Password: infected
649592adca3e5101328d9aa423c115f68640f044d268839d4488e930c9b4296c.elf
.elf linux arm