gafgyt | 5962096609dbc00fd65764b048e83c74[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5962096609dbc00fd65764b048e83c74.bin
Size

37KB
MD5

3d72bf4df8cb8f7bb895138862b44d2b
SHA1

dea46e1efd732665f811e65c0b8da464c8b1073b
SHA256

0003487528aa039e450b88debcd1085950b43522cc7e4b66d2603c16e5779490
SHA512

5b2735e12bb1adc18fc690fd7889d758f917dd9fff4f1ebc11010a7f97b15d69b0faadbe07c887fc384fc5d1e845d1bb559a5cc8929a777452d5c0cb25771eae
SSDEEP

768:B3k8XE1zvoe9sKmmGnFvj8nOyR4u+kgaTkOPhk9:K81exmrFvNyR4u+kgaTLS9

Score

10^/10

gafgyt

Malware Config

Extracted

Family

gafgyt

C2

5.181.80.134:888

Signatures

Detected Gafgyt variant 1 IoCs

resource	yara_rule
static1/unpack001/f2dbb580eb0fd256b44223353ee06591abb3818f0d9bd228d3910c83885f7318.elf	family_gafgyt

Gafgyt family
gafgyt

Files

5962096609dbc00fd65764b048e83c74.bin
.zip

Password: infected
f2dbb580eb0fd256b44223353ee06591abb3818f0d9bd228d3910c83885f7318.elf
.elf linux x86