gafgyt | 471f88d2c133527605065bd3c2dd199f[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

471f88d2c133527605065bd3c2dd199f.bin
Size

48KB
MD5

2b6076e14f6c8b72329aa5ee0a2b79ff
SHA1

ebf75b0e1a2ec0b49c62b43b397c437d9f5f129f
SHA256

2752813b11fdb2bc5eea5f996bf4c34b9ba26bdc39ad47490f26ef3982507902
SHA512

3204968b8e1976b9872b69b7dd969f42b9c675b8b52ea594ffc18310c80a7f68d45f6c4e3bac0bccf01405465c21c0a486e376d74d5283bd9c087cd98c566d78
SSDEEP

1536:b3Dat3utyyIG3V2QfwlD9RoX5u3LAeB9k2uncmW:vg3cDIqVFA9RoJuUCk3ncmW

Score

10^/10

gafgyt

Malware Config

Extracted

Family

gafgyt

C2

37.221.65.177:23

Signatures

Detected Gafgyt variant 1 IoCs

resource	yara_rule
static1/unpack001/9ba9d587df1801270c1008060c062a26a02dbe61bcb959470cbc882a5d22aeb9.elf	family_gafgyt

Gafgyt family
gafgyt

Files

471f88d2c133527605065bd3c2dd199f.bin
.zip

Password: infected
9ba9d587df1801270c1008060c062a26a02dbe61bcb959470cbc882a5d22aeb9.elf
.elf linux mipsel