gafgyt | 2c618cac155908a7db32dd15c8395f6a[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c618cac155908a7db32dd15c8395f6a.bin
Size

53KB
MD5

307cafb7afa25b4f5b59e126e6fbb0d1
SHA1

df83c07938706d04ff0e44688d4c7d0c18e0384d
SHA256

7c354a64ec81b83a3604bb054637cadf1477152b4e0d2c26d201209a670a1f83
SHA512

02f2ff4fc1a2e30f3851bafb2d243c2e12661ffe175c80c9b2b37ed71a3ca640c4f7993c2a57b63deb91c06c00600e9b2752715bb2431c9457ef5887be43f3fe
SSDEEP

1536:6SFZYllrixX3WLtkVT1ybpTdEKSZEwz8yc72HAq:6SDmri0LK1aTKrc6d

Score

10^/10

gafgyt

Malware Config

Extracted

Family

gafgyt

C2

147.185.221.19:30455

Signatures

Detected Gafgyt variant 1 IoCs

resource	yara_rule
static1/unpack001/e9d3e2a5337f835c54495ffefb5b35f397908e4d9d2918505b9be90bccb7486f.elf	family_gafgyt

Gafgyt family
gafgyt

Files

2c618cac155908a7db32dd15c8395f6a.bin
.zip

Password: infected
e9d3e2a5337f835c54495ffefb5b35f397908e4d9d2918505b9be90bccb7486f.elf
.elf linux mipsel