gafgyt | a6b61df7168ff50c8e21c7d11dcb8191[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a6b61df7168ff50c8e21c7d11dcb8191.bin
Size

49KB
MD5

28e1947ef1af89d516e2eec87ac2a226
SHA1

9dfda274d5d3df32561bd2ef9019351ad5d2411e
SHA256

61602e010136ce8751f508524595ca06f06336c602f418a65ba91678941a9795
SHA512

7c7d0208469d6d20ae4e46cf2e394783e10729ff28a693f31fef8ddca5beea4a83ee7140c6ec5a59ee3ba282a2f462ef2c056eefd218379d4af7d54546f04cbc
SSDEEP

1536:DhGAmMwX9ri5Ad0uparTVxuKB2VPhiZdV5A:NEs++uparTrutt8v5A

Score

10^/10

gafgyt

Malware Config

Extracted

Family

gafgyt

C2

95.174.91.180:4258

Signatures

Detected Gafgyt variant 1 IoCs

resource	yara_rule
static1/unpack001/f97df5b884304a56b30d0b58b2263a238bc7c795fb0eb54ecf405205730162b7.elf	family_gafgyt

Gafgyt family
gafgyt

Files

a6b61df7168ff50c8e21c7d11dcb8191.bin
.zip

Password: infected
f97df5b884304a56b30d0b58b2263a238bc7c795fb0eb54ecf405205730162b7.elf
.elf linux arm