gafgyt | 410c2910e994e38f065c007c10436cdf[.]bin

General

Target

410c2910e994e38f065c007c10436cdf.bin
Size

46KB
MD5

295949561c8850125d1dc1285fe3bf67
SHA1

72279fa3c8f568b28391073a0c6fba09be55663e
SHA256

4e7f7c4357af45f2e1249fbf9b95a5fe3651a255f9e4b59082e1259e9542f0e4
SHA512

e01f8b54334aedc4e6d45d4a4ac0314228806ca8a88485a51cebf26996ea187ba605af87167630869f32e81487c25859f223e70b66aaaf10aabeb49422ac07e4
SSDEEP

768:0I0Cg/itlRbtdYxQ06eGipWEgzWkvGjUCAjzry8UU8yJciCYV78Amhvw:0I0Cg/SRb7f3zWwGjUCYzry8UccCoAmS

Score

10^/10

upx gafgyt

Family

gafgyt

C2

193.35.18.187:64599

Detected Gafgyt variant 1 IoCs

resource	yara_rule
static1/unpack001/b408a9e7d841b2672e8a93069093b29143065edf5356f01ab301d7600409e20a.elf	family_gafgyt

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/b408a9e7d841b2672e8a93069093b29143065edf5356f01ab301d7600409e20a.elf	upx

410c2910e994e38f065c007c10436cdf.bin
.zip

Password: infected
b408a9e7d841b2672e8a93069093b29143065edf5356f01ab301d7600409e20a.elf
.elf linux x86