General

  • Target

    19ca6a62eb123c25835f72b1306e8955.bin

  • Size

    54KB

  • MD5

    cdbf529baaca42e57012069235f28281

  • SHA1

    cd092d1d405c5fcc91ac6199d864c0dfae4b5785

  • SHA256

    fd5b545c1cef8b1b3f2e07eaf8b37258dbbf015ccf838e754dbfceca24a87d6d

  • SHA512

    74bcdc47c4f1ff7415b27bd7b73636e90f911fb0712ff42752f7925bfb05f610ec2ed381448e5349a6ac3ef932f240e78a882257a1fd689ae9d2bdf6a0518cd5

  • SSDEEP

    1536:TCQO9xP+NnzffC7VARA2cqFFKBlfALDwW:Y4z3qCKe8BloLDl

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

193.35.18.187:64599

Signatures

  • Detected Gafgyt variant (1 IoC)
  • Gafgyt family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

Files

  • 19ca6a62eb123c25835f72b1306e8955.bin
    .zip

    Password: infected

  • c638e269af3c0def3fd3ecbac9d9991df4ed16924b548052928b9c9b14b80a44.elf
    .elf linux sh