General
-
Target
01814124e110aa06db97a6538c91697f.bin
-
Size
43KB
-
MD5
b40ec22e138cd2b1d825a0ef768c1583
-
SHA1
a04cd16f98897645176bbfb2381df8de1314e685
-
SHA256
85ea9520e63cd874b0e55c6500f18b53df632d378d6546753aa1304b54e07a87
-
SHA512
6bc191476384e87a94808c23d4ea767b3792b75b3d600ac040da3686900f9d1de8b8ad2bcb7561e52f2fc64cbdf34716e29a03f2e88e5c29661ffcd3f2826cd3
-
SSDEEP
768:HUW3oP50TybdWcFRGIzekUmnpFemuX+IZwVSrCJoTxv3qxZhUrZ4LQSkrW6VP7AS:F3oR0T+rGIzekUc+deVSjTFa3SrZihA1
Score
10/10
Malware Config
Extracted
Family
gafgyt
C2
45.61.184.126:2782
Signatures
-
Contains strings common to LOLSquad DDoS tools 1 IoCs
Resembles a range of public tools written in C intended for DDoS attacks.
-
Detected Gafgyt variant 1 IoCs
-
Gafgyt family
Files
-
01814124e110aa06db97a6538c91697f.bin
Password: infected
-
0b44d94f8eede7b52a4f9465922baf36a4f119e12718b1dab0660fa53b56a4e2.elf