gafgyt | 63a0cadf1fb6e2a16f24111d3a317f65[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

63a0cadf1fb6e2a16f24111d3a317f65.bin
Size

49KB
MD5

4cd9211933c76252c01aed160a95af1d
SHA1

3b9194457e96a4152937036e7090418e436f0fdb
SHA256

1cb811117ab302566d45ff2b204c4cb673edfb5bf11c2d8731c0b15db4e05bd8
SHA512

7af161b0cf66b1ff8ff09ced40b1d64c746d80851894b44d15d34a4bfd91979f98d1d21678291e7aaa873c3eacffcb9ea5da8b4102041eebfe752288931b729d
SSDEEP

1536:Oq80fUcnniJMUA9OhnTaSzHWL9/91N238FnxZmqJ:Oq7ijBHYztFnxD

Score

10^/10

gafgyt

Malware Config

Extracted

Family

gafgyt

C2

103.153.69.150:12345

Signatures

Detected Gafgyt variant 1 IoCs

resource	yara_rule
static1/unpack001/d839434f99106125ce5060ab5c1c5e79eab1993f64a367f5507cdaa58a2d3b7d.elf	family_gafgyt

Gafgyt family
gafgyt

Files

63a0cadf1fb6e2a16f24111d3a317f65.bin
.zip

Password: infected
d839434f99106125ce5060ab5c1c5e79eab1993f64a367f5507cdaa58a2d3b7d.elf
.elf linux mipsel