General

  • Target

    44aa5f6a6ba7e35064dbde8a538ce010.bin

  • Size

    70KB

  • MD5

    569168595eeb2a8dc76a9b8890712400

  • SHA1

    ce84d8506149806f72631c18528303ebe193aa53

  • SHA256

    27421b0d3fe1b379fa1486ff5d969f32940849894f4f6febe664ff45dc3221c4

  • SHA512

    f46772f57a574ed0496873f84f8f5c0283cec39ccd14faa6cfaf0ebbbfc3dcb5ec7a0396b97bc4682b6f7087122d6417e500f3f9e6ad121ebabfedb3b6dd7a73

  • SSDEEP

    1536:LdnbSbREkBirZqtUYRRAB1MZpwMRpF3+OepXK+HRXzf/s6a4vq+X8YnN54aK9t:LdnmbREkYg1RABiLwEuLKCRDfE6Tq/Y4

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

193.35.18.187:64599

Signatures

  • Detected Gafgyt variant (1 IoC)
  • Gafgyt family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

Files

  • 44aa5f6a6ba7e35064dbde8a538ce010.bin
    .zip

    Password: infected

  • bc60466878ac1a81a15d4d1e967f6015dc8082a38ef3e0e28e105231cfe62872.elf
    .elf linux arm