gafgyt | 5bf24283b2865ab6217e2ee234041de4[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5bf24283b2865ab6217e2ee234041de4.bin
Size

61KB
MD5

cc684f3866482427588e2899f9c98cdb
SHA1

0eb89198cfa6f5c618003331149af0ac4c9dd5f0
SHA256

713f3545a7fa982dcd40f828df8508b1acd3f6147281f637680283ce9d629301
SHA512

8c0ae936a58c16c16a01a762cc2ff649d60924682c06cc1907daeeb5749b754a7a30719202083df0be2b6827214b182e0e7a8d74057f30955c7a57936a632dd0
SSDEEP

1536:P6O0MMOTFVqTlwffnwULZSmVN6RaZNWZesHiE8RgM9:jHqTlwQu3XZNiTCE29

Score

10^/10

gafgyt

Malware Config

Extracted

Family

gafgyt

C2

91.92.254.140:562

Signatures

Detected Gafgyt variant 1 IoCs

resource	yara_rule
static1/unpack001/9cf615d8b2b7d35692bfa00736aa30d01a4f8f01f721aea8531070c8800a6ae1.elf	family_gafgyt

Gafgyt family
gafgyt

Files

5bf24283b2865ab6217e2ee234041de4.bin
.zip

Password: infected
9cf615d8b2b7d35692bfa00736aa30d01a4f8f01f721aea8531070c8800a6ae1.elf
.elf linux arm