gafgyt | cd31d882ca56edd0c836e05d58f06cdb[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cd31d882ca56edd0c836e05d58f06cdb.bin
Size

49KB
MD5

890e149f56a8ccd8a7e4feea652592ba
SHA1

b09bc590c2076a1fae9bfa9ca9f691c808d9d699
SHA256

9af8e6e8c97c90b3695347b03428a343195c44958ba6ac473dd6418776285580
SHA512

c736f5153aa08196ea876ae3f7228a62b94052978c735dabaa5544cbfa6d152c91a82dea90c28b88e7ba9ce08f8975062d5a02f0c1edefa63f7fe1b8b5b16cdd
SSDEEP

1536:FB/Ypvpeoba4GkQaTyAvqiItOx0jAdCdMl:FB/iN+kQaTyAvEtOmj2l

Score

10^/10

gafgyt

Malware Config

Extracted

Family

gafgyt

C2

103.153.69.150:12345

Signatures

Detected Gafgyt variant 1 IoCs

resource	yara_rule
static1/unpack001/1c322df6c15d78dff62341a787237a2253b043f126c23a45647ffb12c366eef3.elf	family_gafgyt

Gafgyt family
gafgyt

Files

cd31d882ca56edd0c836e05d58f06cdb.bin
.zip

Password: infected
1c322df6c15d78dff62341a787237a2253b043f126c23a45647ffb12c366eef3.elf
.elf linux mipsbe