gafgyt | 0e8ca565c519027bc7e3105338ca1a2a[.]bin | Triage

Sharing

General

Target

0e8ca565c519027bc7e3105338ca1a2a.bin
Size

50KB
MD5

4308f82f87ee6f60767c21f9f8517899
SHA1

0b23652cda5b87ccff8fd3072288c0db67c721d1
SHA256

5ee6816259fdcee1836963c0b95d5db9b5a5d4ded0c37a8ade1a914daf8f2f23
SHA512

44860feeaa6534db913a33368c0452587dc13cfeebdb9639ec23872bc30fadd5d9557d1eacf0b6f2e40eb60768b1644f6a4192a63048115ec98ef6b3fa050536
SSDEEP

1536:p7yRMJwVMbSxnCIJzui+VWxPX3NQww7hC7GLg:p7sMJ0Mb6hui+VWlXfwjLg

Score

10^/10

gafgyt

Malware Config

Extracted

Family

gafgyt

C2

185.196.8.31:76

Signatures

Detected Gafgyt variant 1 IoCs

resource	yara_rule
static1/unpack001/d4d3faa8159d7b78d029256519f96619fe2edd6062ba058d42dbe28c2d3d8c37.elf	family_gafgyt

Gafgyt family
gafgyt

Files

0e8ca565c519027bc7e3105338ca1a2a.bin
.zip

Password: infected
d4d3faa8159d7b78d029256519f96619fe2edd6062ba058d42dbe28c2d3d8c37.elf
.elf linux mipsbe