General

  • Target

    97cf5198be05d13e85a49e4720b2050f2af110ae775bcd6c180391e8853ecd7f.zip

  • Size

    67KB

  • MD5

    a1a719bb795a25b975d69241fe522ae2

  • SHA1

    23eff1b3143778eafbd7a58ee296128fd9c7a2fb

  • SHA256

    89ce0b023e9050db5e97d720d7154ec534d9a288c887cda09fdf134730d5abcd

  • SHA512

    689bc78062de61c335b2e08113f3bd07d21e4ad615688ad995918aaf5a0ae91f47b231813a70aa5affb8206c64a52770f678e8b5b6a8632f22096e92a834c1de

  • SSDEEP

    1536:537yXDDWQ6pWVJ/+44mffUMEZe/l+PGuwqzCY8fLLeEUK8s3SNUMkxbz:53OXDDW23/+nmffpEZeYPGuwqWY8fLiy

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

193.35.18.56:65490

Signatures

  • Detected Gafgyt variant 1 IoCs
  • Gafgyt family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

Files

  • 97cf5198be05d13e85a49e4720b2050f2af110ae775bcd6c180391e8853ecd7f.zip
    .zip

    Password: infected

  • 97cf5198be05d13e85a49e4720b2050f2af110ae775bcd6c180391e8853ecd7f.elf
    .elf linux arm