gafgyt | ef9a12ee4229b310fcdb987b59a747c4[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ef9a12ee4229b310fcdb987b59a747c4.bin
Size

58KB
MD5

dc299d902e668a84c7180542185cce98
SHA1

ac7b68a24c4aeff95749ce6a8ab1b2f58c029932
SHA256

20981dcbdb98a471d4a2b4b2341c73eefed59265c4f3b3194e91b89e1aee0fb4
SHA512

bd09a87e8cdac88013898ad969cd9941583eb06cbdc7107510c4bf95fc60e4f800c299b4c60eb1cba81cc8a870a3d2ff76cb4819b9bc897a2422ab4e38bd6b49
SSDEEP

1536:Lct/Xe/XcdSzMyrFLrE+51gYh+UC0+Toldp:egeSzLL15y6+UC0Fv

Score

10^/10

gafgyt

Malware Config

Extracted

Family

gafgyt

C2

103.153.69.151:42516

Signatures

Detected Gafgyt variant 1 IoCs

resource	yara_rule
static1/unpack001/b71d7265aee535b7975edb3e4e36140dd9d1eb2373d053c589eb6e009024a320.elf	family_gafgyt

Gafgyt family
gafgyt

Files

ef9a12ee4229b310fcdb987b59a747c4.bin
.zip

Password: infected
b71d7265aee535b7975edb3e4e36140dd9d1eb2373d053c589eb6e009024a320.elf
.elf linux arm