gafgyt | 2ea94ef28b4fc5264aec9141b504d310[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ea94ef28b4fc5264aec9141b504d310.bin
Size

51KB
MD5

df2b3c88dec5b6bc5e164bc8b6dcecf3
SHA1

1682e4f8ad3c11294db4c6795e390ef80554b2e0
SHA256

c61ae83448dc718618c9b305424346fad0bc8d6f21d4dd32d6c599b757949012
SHA512

e318fc3699e6948d69e1da4254c496b79787d74aab09d36cb2223eeaf63c5443458420ba447123e40f137dae0704051410ed110df036f2e8cf3538211ba9431b
SSDEEP

1536:i+q8fJ0hnoKvTAHvnzcw8jq7VYuW+gk6Mf:H7fJ0B9sHvD8+pYd+g8f

Score

10^/10

gafgyt

Malware Config

Extracted

Family

gafgyt

C2

103.153.69.150:12345

Signatures

Detected Gafgyt variant 1 IoCs

resource	yara_rule
static1/unpack001/d81627d850c1c7c33c88453f22c86ad9621de26eb78be22374134220b43717aa.elf	family_gafgyt

Gafgyt family
gafgyt

Files

2ea94ef28b4fc5264aec9141b504d310.bin
.zip

Password: infected
d81627d850c1c7c33c88453f22c86ad9621de26eb78be22374134220b43717aa.elf
.elf linux arm