General
Target: 3508a417d997601577256717987e5056
Size: 136KB
Sample: 231219-2wkrpaade8
MD5: 3508a417d997601577256717987e5056
SHA1: d5474fdc5cac03efbe00213c2e54939517199bea
SHA256: 0426965c1d3414d3f98e2a7b939b9173f620416929a902ec6b1aa4933b5b5d1d
SHA512: 0b82ca8ec972e9a358ef19c17fa682cb419a999568a6f0cdd13fe1d84f943ed8040f23ae9167027c4e0ef087c15a181e169c0e220181848e1f740a87e04b6243
SSDEEP: 3072:09wxeRttr9s6JJPj/lHhuv5UgMBphatPF7Qv8xCoMTeSiOUUuNeZT3uuYLC:uRdHh05ophatPFucC9TBiOUUuNeZT3uU
Behavioral task: behavioral1
Sample: 3508a417d997601577256717987e5056
Resource: ubuntu1804-amd64-20231215-en
Malware Config
Extracted
gafgyt
185.244.25.228:5270
Targets
Score: 9/10

Contacts a large (23688) amount of remote hosts
This may indicate a network scan to discover remotely running services.

Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.

Changes its process name