gafgyt | 5cb9ae2976b41fe42ad1396cbe805623[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5cb9ae2976b41fe42ad1396cbe805623.bin
Size

66KB
MD5

7654b079bae6a1a90b1a427c7ca4492b
SHA1

760da4df138ae799d419656f3774bdf8f8d9bfa0
SHA256

fe1c0450ded1917912aa335d32967e311a6b9844a60f11dce331872dbc960afd
SHA512

56aee34d75fd751ab871eedf8351e7a3abb92d00f7e4c19988c43b547ab82bf288358cb15a078651d845639aa989c44e7f874fd23e3a2e0a005567aea22e24a7
SSDEEP

1536:vWoBCEIBEgVsYoeNAWo+wJT6hTGBJ8DBK:+ovusYoeNA1++mY8A

Score

10^/10

gafgyt

Malware Config

Extracted

Family

gafgyt

C2

85.239.55.70:515

Signatures

Detected Gafgyt variant 1 IoCs

resource	yara_rule
static1/unpack001/a15c95eebafe63e75fbb0d8e9ab1e629cfa7d7fd9bc3898a5ae2b911eb0ae4e0.elf	family_gafgyt

Gafgyt family
gafgyt

Files

5cb9ae2976b41fe42ad1396cbe805623.bin
.zip

Password: infected
a15c95eebafe63e75fbb0d8e9ab1e629cfa7d7fd9bc3898a5ae2b911eb0ae4e0.elf
.elf linux arm