gafgyt | c4f6352a4cf74fbf3a9634cd897de59f[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c4f6352a4cf74fbf3a9634cd897de59f.bin
Size

64KB
MD5

ce507a7ab431a45fa52a9ae65dce03c6
SHA1

f933103f0f8ddb6ab514e1e689933ba69a5d12c5
SHA256

da60cfc71bc5a177134e8518a13e05db7589c6efdb65d60a6a5d7ac841b337fa
SHA512

9f76dc795cd6715b6e4626b9b4967aeef6fa628fafb93d5d7a30f620dd5929a04d2cd0f584fa203844993bafddbcf2edf1b35e0a3a3cd3dd0d84184300fe2fd3
SSDEEP

1536:XfnNJfYZ/MFBcpphSJUQqF7y4ZK3ljO1bHNd:XvXoUcpeJ1q1u3Ibb

Score

10^/10

gafgyt

Malware Config

Extracted

Family

gafgyt

C2

93.123.85.170:666

Signatures

Detected Gafgyt variant 1 IoCs

resource	yara_rule
static1/unpack001/c97933a8eceefe37d3283c5930b456f90bad0b090c53d9a6a8e29ecb5798f8a2.elf	family_gafgyt

Gafgyt family
gafgyt

Files

c4f6352a4cf74fbf3a9634cd897de59f.bin
.zip

Password: infected
c97933a8eceefe37d3283c5930b456f90bad0b090c53d9a6a8e29ecb5798f8a2.elf
.elf linux arm