General

  • Target

    dc5b37d191af0c6757d793e774f316b6.bin

  • Size

    70KB

  • MD5

    02853086b90ba998b2d06420e206d298

  • SHA1

    ac0aaea0f333a21f9e670422b9b67ee76ccb8d02

  • SHA256

    e5e928fd9c23f6efb6396476c8337c80b3abba3f0896a2bbd88c3e645faa1e0b

  • SHA512

    5410ae214e090a1be0f0bf8b1baf33e1353841b04b4d58aa5dd0dd8901d9bd67551222385d3bf2841acb0d3ab16da2cf548f2a7abb1bed685ef96011b7ef6792

  • SSDEEP

    1536:hQJeO5YnDukJuBWt/XWT5iYj7GpGpABpUyF1sz+LVgjSF5qt:qJunykgBWt+T57j76nRmzig+F5qt

Score

  • 10/10

Malware Config

  • Extracted

    Family: gafgyt

    C2: 193.35.18.187:64599

Signatures

  • Detected Gafgyt variant 1 IoCs
  • Gafgyt family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

Files

  • dc5b37d191af0c6757d793e774f316b6.bin (.zip)

    Password: infected

  • 47a4c78c491705b30cb872eab31319f6879bca66d62a04f63d2e0558d8631b60.elf (.elf, linux arm)