General

  • Target

    a1b10a659cf158c51820e6dfb4f20418.bin

  • Size

    51KB

  • MD5

    c7aed86babc78f6d650256a8254e4efc

  • SHA1

    675e91769f11b4f9318fd94a8585aaabfd2eaed1

  • SHA256

    eaad31c48c38ded22b7c92a7b5de57e46a4b43c89462594c9126bc84f686d79e

  • SHA512

    6dcc2fee04ba0d3363577aaa000771401721cb7582cb2d8589efc1f4c808010aea88098e00ee0ea6ba745295097413c805cdfa7794fcabaee2c3d7e6c283eb87

  • SSDEEP

    1536:+P6HKbBttFX8Mb4Io6FOntcrOTSQ4UH8eZFrHn5:U6aP8KZ9bOTSQfcMrH5

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

193.35.18.187:64599

Signatures

  • Detected Gafgyt variant (1 IoC)
  • Gafgyt family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

Files

  • a1b10a659cf158c51820e6dfb4f20418.bin
    .zip

    Password: infected

  • aa35a43d7a7c71f4b12b4cad5f89ce3116ffc71f76a2759ab3c4c74950dc427e.elf
    .elf linux ppc