gafgyt | 49b9c25e9c7b61ab998b2deed46377dd[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49b9c25e9c7b61ab998b2deed46377dd.bin
Size

48KB
MD5

158b9dbffa4903801773c432ae967574
SHA1

2186360430192fd56f67f1c0373a842c6d4a52c5
SHA256

eaa1e1fd1a68f465749667afbb223b499f3f7e45868ddd174340b8f7a5fe7c92
SHA512

aa557cad2e7261addf78313f891cea12462b657c9898b3ecf1d50df205b8944c2f276bd7ca5abfe7dd2c7ff6cef647d5c26d39c9dffa10a7198b38e9c85be78f
SSDEEP

1536:/9tNdX9oZS10I+PnpyluTnTYgxdf1A7XcKW:Vd9o0li3gjcf

Score

10^/10

gafgyt

Malware Config

Extracted

Family

gafgyt

C2

198.98.62.168:23

Signatures

Detected Gafgyt variant 1 IoCs

resource	yara_rule
static1/unpack001/acd3cef14c0588ec70809b75bbfbb3cc63baa6a1f19871b0c71d0a93b6c81bb1.elf	family_gafgyt

Gafgyt family
gafgyt

Files

49b9c25e9c7b61ab998b2deed46377dd.bin
.zip

Password: infected
acd3cef14c0588ec70809b75bbfbb3cc63baa6a1f19871b0c71d0a93b6c81bb1.elf
.elf linux mipsel