General

  • Target

    cb3859fd8631c3ad046b68890583dded.bin

  • Size

    44KB

  • MD5

    0d077a25e6fe26759d0db581c7430f3e

  • SHA1

    30ee96320fb7709e098a6126452497e8455f3d36

  • SHA256

    87059f9337ff15f2c23d20c82c46a7b0076c4630ecabf2b09b2fce258d7ea4b2

  • SHA512

    c842bfa3f45aca3caff62d0cbb0431a17ce65b5f1f212d9328da6c591283b3c6fb9a73d1473a808fb0f689c48fd5f61e7bef0bc64636c06208e614280286895c

  • SSDEEP

    768:z1FwmenDh6tHFi+qDKI1pXaUwDRQZifiGip/vwFv7PPzOa5bUE+yZ:z0mEhEHo1n/XapDCZifiGilYlfOmbEg

Score
10/10

Malware Config

Extracted

  • Family

    gafgyt

  • C2

    45.61.184.126:2782

Signatures

  • Contains strings common to LOLSquad DDoS tools (1 IoC)

    Resembles a range of public tools written in C intended for DDoS attacks.

  • Detected Gafgyt variant (1 IoC)
  • Gafgyt family

Files

  • cb3859fd8631c3ad046b68890583dded.bin
    .zip

    Password: infected

  • c6acb46eaf0a30193208843e1e7dac1c42891c1e1bd9e965d4bd56c2ff422281.elf
    .elf linux sparc