Overview

overview

10

Static

static

10

0dd879d252...39.elf

debian-12-armhf

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    41e5aa992b8679a8ea9db3f5b4b8e498.bin

  • Size

    54KB

  • MD5

    1eab47868731a982dc5f4c7f2fb777ea

  • SHA1

    9e988d426af46a68e4ffc91fb38c6dacd3acd3d0

  • SHA256

    07534db7b36a3b3bd4483d278189d311fae4765e46b61116f049be4082a8b594

  • SHA512

    aa3b4883bad17e88017dbaad7ec88c41f2efb8bca89be8051aeb3ba783cba9487f764daf982f65349b8e83d473d138f63510c26832c5bf35d6a2558788514d72

  • SSDEEP

    1536:HVqlISG5aFvpQkXxpo9op7WNord+XDbggL1YkOD/KllZ0O1:AlISG5UvekX3cicKkXD8g3OD/KllZ0y

Score
10/10
gafgyt

Malware Config

Extracted

Family

gafgyt

C2

91.92.240.123:999

Signatures

  • Detected Gafgyt variant 1 IoCs
  • Gafgyt family
    gafgyt

Files

  • 41e5aa992b8679a8ea9db3f5b4b8e498.bin
    .zip

    Password: infected

  • 0dd879d2525029beda5335f0085cf73e40f7f1b7ed48c6a9647543094016ea39.elf
    .elf linux arm