gafgyt | ce3c80b95eb523d04fea1c8d2fe43880[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce3c80b95eb523d04fea1c8d2fe43880.bin
Size

51KB
MD5

d2da1cc68442e4f08985f211242f4433
SHA1

00c285adbcdc30c04c2ec04d83190e5aab263e97
SHA256

cf78a782d8339d877a992374822f4a9d790db8e9f7bb864be4693a3ef23950d4
SHA512

3f16d791974df87128befec53deff17cfef62ff35c28f8fc0c84e532491c25be472d6f677de7184b96c5083ef31aa7ca88de812b4db9a9a043584a48483e9062
SSDEEP

1536:AV+quh+kt5upsrrOiQb5YO00KwDzY3dYMe730E:/hXtMpsrKb5YO09wDzYWlQE

Score

10^/10

gafgyt

Malware Config

Extracted

Family

gafgyt

C2

94.156.71.205:4258

Signatures

Detected Gafgyt variant 1 IoCs

resource	yara_rule
static1/unpack001/a5605bd0665f9c6f644ddf7aa14814564a8b095db58f087d5fb49ab701e1bd90.elf	family_gafgyt

Gafgyt family
gafgyt

Files

ce3c80b95eb523d04fea1c8d2fe43880.bin
.zip

Password: infected
a5605bd0665f9c6f644ddf7aa14814564a8b095db58f087d5fb49ab701e1bd90.elf
.elf linux arm