Overview

overview

10

Static

static

10

1951ee3a21...21.elf

ubuntu-18.04-amd64

1951ee3a21...21.elf

debian-9-armhf

1951ee3a21...21.elf

debian-9-mips

1951ee3a21...21.elf

debian-9-mipsel

Sharing

Copy URL Twitter E-mail

General

  • Target

    2f604696bd8f002eba9b504b45167880.bin

  • Size

    44KB

  • MD5

    d5b8a8dca195b0a8bec28fb22f17ebe7

  • SHA1

    e977d12854cd859b220000344da60e9d3f14cc71

  • SHA256

    c210aec7329d26c1a2f758de56595a8b7bb764f330a5e3a2295c6f57f403087f

  • SHA512

    a8b1961166af9a047dd97c0518b95d38d5deccdc8f69789c2128fb023e40b1fa278f5bf33dbf69569704e85c29fd74239e7ff247232bc604f9e30254a53ecf93

  • SSDEEP

    768:u3eihUsveQOPjBuowqQCeiiIGpSLm8Q6b6DHLywPx1raMcQ7v76x+6+MTSgXogQH:uuiaKajBPwqTGe3qVPx42mxeM/XIiZC

Score
10/10
botnetgafgyt

Malware Config

Extracted

Family

gafgyt

C2

45.61.184.126:2782

Signatures

  • Contains strings common to LOLSquad DDoS tools 1 IoCs

    Resembles a range of public tools written in C intended for DDoS attacks.

    botnet
  • Detected Gafgyt variant 1 IoCs
  • Gafgyt family
    gafgyt

Files

  • 2f604696bd8f002eba9b504b45167880.bin
    .zip

    Password: infected

  • 1951ee3a215c962ead131c0a43debea3a8ddfa53988316eec3e5ea76eb511421.elf
    .elf linux sh