gafgyt | b449edd3b60245a4f97987dd5afa9811[.]bin | Triage

Sharing

General

Target

b449edd3b60245a4f97987dd5afa9811.bin
Size

41KB
MD5

81f4d2d86eb79dc52a34b2c0132348c0
SHA1

a9cf9caf42e181e685a8e012a8fed467aee7c777
SHA256

979e644fa21d38f7ea174c1db692261b53f85e9e6fb132e0919b3227cb1d39f8
SHA512

98d0d20ffc06877c16ee137e3b4fd2e401350fdb474a2b299f2e98e1e7194c05051212822cc620d02bd73a92ecbec3340a1fff49f6da66619a35e9b61dea7aee
SSDEEP

768:p9pysYWcHwBGGCy9yIqIeay3jFMUMdf02P6mCFoiD:xlYLHwBt9BqIe3urYoM

Score

10^/10

gafgyt

Malware Config

Extracted

Family

gafgyt

C2

103.29.2.134:12345

Signatures

Detected Gafgyt variant 1 IoCs

resource	yara_rule
static1/unpack001/83981024c834aacc141729a185cc3f3771e04feb8632ea209d47909e3b82d4b1.elf	family_gafgyt

Gafgyt family
gafgyt

Files

b449edd3b60245a4f97987dd5afa9811.bin
.zip

Password: infected
83981024c834aacc141729a185cc3f3771e04feb8632ea209d47909e3b82d4b1.elf
.elf linux x64