gafgyt | d11c05d10d9e70b07269f8091d1b247a[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d11c05d10d9e70b07269f8091d1b247a.bin
Size

50KB
MD5

df31853b3685a1540bf25b782cbdf2ed
SHA1

624da9f77386e2e5dfc8a4c065a48ebe1a84b944
SHA256

38f33b012e80b641c554a6b65315a96d0469f2b12aa707504492e29fe74f3e43
SHA512

3b73d626554f142fa24a98ef3d7522bf1a5ede6c8f7cbb7d96e04b4ae256d5926ee14076c336f0fbae62d4bd0f2cd954ec6faded780731eb11be767ee234df19
SSDEEP

1536:xY+RdNhjxyKq0RX3Ba8bN8mOm4r1B5Vn7w:x3RdNhtyv0XB8m9I5tw

Score

10^/10

gafgyt

Malware Config

Extracted

Family

gafgyt

C2

176.111.173.27:666

Signatures

Detected Gafgyt variant 1 IoCs

resource	yara_rule
static1/unpack001/94a7beb2d03227aa404988abfde526fb9d36d8f3da6f8e68b998506e111905af.elf	family_gafgyt

Gafgyt family
gafgyt

Files

d11c05d10d9e70b07269f8091d1b247a.bin
.zip

Password: infected
94a7beb2d03227aa404988abfde526fb9d36d8f3da6f8e68b998506e111905af.elf
.elf linux mipsbe