gafgyt | 5c92f4759dba0f52ed17bc3d889845d1[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5c92f4759dba0f52ed17bc3d889845d1.bin
Size

49KB
MD5

8cbe5bebfc333fe8702503e1774b92ac
SHA1

76e081e38bad54619cb569d0a05707814e43cbfb
SHA256

56d000f0d8e4556379f076838733f020dc897202c91748e042c9ecf17de1f620
SHA512

3f44bb2e8ebd9a7b61a70ab7deb3806b463f79d919d13cee7289f1c6c668bb702055f39cb3e2d5316ea1ad17c7719ddca67390a1c5e3d04160f636b3658ac1d0
SSDEEP

1536:pNFxDpN4pA+Ax2YaNtvmVeAHyiyEt6ud8y121:pTxX7BOvmVeuylOd8y121

Score

10^/10

gafgyt

Malware Config

Extracted

Family

gafgyt

C2

158.160.8.110:4258

Signatures

Detected Gafgyt variant 1 IoCs

resource	yara_rule
static1/unpack001/b3b80fb43b3e281eb54e13717a3e80bb19a6fd4290ba7cb5fac7077fca406486.elf	family_gafgyt

Gafgyt family
gafgyt

Files

5c92f4759dba0f52ed17bc3d889845d1.bin
.zip

Password: infected
b3b80fb43b3e281eb54e13717a3e80bb19a6fd4290ba7cb5fac7077fca406486.elf
.elf linux arm