gafgyt | 6c01c003d17c539ea47a350786e448ba[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6c01c003d17c539ea47a350786e448ba.bin
Size

64KB
MD5

d1bd03a40e061cfc5a2d24c01b74ab4c
SHA1

e1fb953571b939bacdc459c7b145a8cdcddd02d2
SHA256

343e52b7a18c1d6c32b560517003c17cae5056f79f61506b197cb0ac069fc797
SHA512

c67511f5ac70596055bc9fb6a529b06c7f5f61c20f8d1bf724cefb90ea18b251c6e344670c536e9be366a2bc2319b05301f0eb8b50c820de0085fee9e0d24387
SSDEEP

1536:zZwIV0RBo26VNNniMBtkOSjqbRPn71xlf6EngjXY:zWRBo2ENiktkExxngjo

Score

10^/10

gafgyt

Malware Config

Extracted

Family

gafgyt

C2

5.253.246.39:666

Signatures

Detected Gafgyt variant 1 IoCs

resource	yara_rule
static1/unpack001/6da79a6ef1d637f3ca57296f3edf948a375672247fe00198bd3982907e876fae.elf	family_gafgyt

Gafgyt family
gafgyt

Files

6c01c003d17c539ea47a350786e448ba.bin
.zip

Password: infected
6da79a6ef1d637f3ca57296f3edf948a375672247fe00198bd3982907e876fae.elf
.elf linux arm