General

  • Target

    765f5277d33398d9655b8cd02708fa29_JaffaCakes118

  • Size

    527KB

  • MD5

    765f5277d33398d9655b8cd02708fa29

  • SHA1

    6d1e44c9bd06b72bcab1a2f2cd4620a3c5227683

  • SHA256

    ebb82fd7e2c357521871f22cfe67907829dc7feacec4ccef53b46629791640b2

  • SHA512

    41fa6f05f2c512005dd2dc1905a4e194a91e61a3456d623dabfd6c809ce5d870ec9730d4a4620873386603b8a1fa7fdaec3474369b278127a46436ad3db8fb71

  • SSDEEP

    12288:OuOQMitNLZItlGziQPJ0hQAr6teVwjnmhmk:OuzLqnGb0hUeV6mhmk

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

91.209.70.108:1337

Signatures

  • Detected Gafgyt variant (12 IoCs)
  • Gafgyt family

Files

  • 765f5277d33398d9655b8cd02708fa29_JaffaCakes118
    .zip
  • .elf linux arm
  • apache2
    .elf linux arm
  • bash
    .elf linux x64
  • cron
    .elf linux ppc
  • ftp
    .elf linux x86
  • ftp1.sh
  • ntpd
    .elf linux mipsbe
  • openssh
    .elf linux sh
  • pftp
    .elf linux
  • sh
    .elf linux sparc
  • sshd
    .elf linux mipsel
  • tftp
    .elf linux arm
  • wget
    .elf linux x86