gafgyt | b60b71ce4b82ade3a82f405c5565d593[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b60b71ce4b82ade3a82f405c5565d593.bin
Size

50KB
MD5

5653688e4e8ac3e177f31f42e82c0725
SHA1

a0bae6a47bb1e273c5bbbe22576c764331b1d2b5
SHA256

ee64b331b9e07aa592db6aeb7923378d6804155c96affabc100c7f9298c8b257
SHA512

61c13de166e1a7e186dc0d7ab7c432b3bd411414dd1dd8a73eadaa3bdb03e335e32a84ad896322448c4f3bb8089295b51228dd65edef956a51126b31f90aa18c
SSDEEP

1536:13wUOAPWSFSo11MW43VJe+bi1JstvJ8pWH:Rqwoo1QPi1iJEq

Score

10^/10

gafgyt

Malware Config

Extracted

Family

gafgyt

C2

176.111.173.27:666

Signatures

Detected Gafgyt variant 1 IoCs

resource	yara_rule
static1/unpack001/881de044fd57afa88ccd2b5e41cbd6defe92ecec0086535c11200f941c24cb0f.elf	family_gafgyt

Gafgyt family
gafgyt

Files

b60b71ce4b82ade3a82f405c5565d593.bin
.zip

Password: infected
881de044fd57afa88ccd2b5e41cbd6defe92ecec0086535c11200f941c24cb0f.elf
.elf linux mipsel