Overview

overview

10

Static

static

10

502850a0fa...23.elf

ubuntu-18.04-amd64

502850a0fa...23.elf

debian-9-armhf

502850a0fa...23.elf

debian-9-mips

502850a0fa...23.elf

debian-9-mipsel

Sharing

Copy URL
Twitter E-mail

General

  • Target

    995297be98c0211135485e6d96e6c672.bin

  • Size

    44KB

  • MD5

    e5ca15ef568cdf63e2dc64170ec9acfa

  • SHA1

    5f521ccea9b3ea1705761aff887e6613d1b9aba4

  • SHA256

    7c2fd6ade85845086fa4020e89aa41cf973a6a8171a1f868885190026c46d700

  • SHA512

    0879d1ce16c6fbd80ad97f60a3914147b16b3bbc8ca0e4c6d1a6d4ddce26540bd5d85f962306e1d88d26b2bcaed64f080f53c5f77b60d2998d97e2ef865d9d3f

  • SSDEEP

    768:qJLDF10P8EFdWSawtM8t1mKcEoV3P82DmnH15cOFycaBm6j85u6arI4hg:qxh1UrY4O8t1mNV3pmnH15cJBOj4C

Score
10/10
gafgyt

Malware Config

Extracted

Family

gafgyt

C2

139.177.202.27:23

Signatures

  • Detected Gafgyt variant 1 IoCs
  • Gafgyt family
    gafgyt

Files

  • 995297be98c0211135485e6d96e6c672.bin
    .zip

    Password: infected

  • 502850a0fa4a5351c8c762505a40e1b4298855d61d303d61ffadbd13d177b223.elf
    .elf linux