gafgyt | 34c05e3d06346971a336a37047b3cd99[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

34c05e3d06346971a336a37047b3cd99.bin
Size

48KB
MD5

109b02de1d89d8782bcf04341a174f3f
SHA1

079ccb74207e90a60af278274c6d1a12540ab5c9
SHA256

3d28d6b4163594b077c4995ecd949c2eb9f4a3177c3dbde4e134e5089b6ecf91
SHA512

1c1f3eb248861b10dcba14f35cf0e3886106297b2c3d6f5ea12bbbd44b8bf88b2d47552140b5ef6ce93a7ee34ff0c7513e7ec8cb4f9acbb1c4d25ba08de3e2d5
SSDEEP

1536:5FsTed65S2LkO9E2MjnGbLb0kkPWB/K9Wcl:71aSAkOZMjnaLbOPOKMs

Score

10^/10

gafgyt

Malware Config

Extracted

Family

gafgyt

C2

103.153.69.151:839

Signatures

Detected Gafgyt variant 1 IoCs

resource	yara_rule
static1/unpack001/d824ead6a9aa85570b33c1087d809572f36d4094291d0b2a1e15984b2b5e5857.elf	family_gafgyt

Gafgyt family
gafgyt

Files

34c05e3d06346971a336a37047b3cd99.bin
.zip

Password: infected
d824ead6a9aa85570b33c1087d809572f36d4094291d0b2a1e15984b2b5e5857.elf
.elf linux x64