gafgyt | 1d80d302483e4e692ddc941b23904b6b[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1d80d302483e4e692ddc941b23904b6b.bin
Size

64KB
MD5

d4136f3d50fc5982b66df3afa3a910de
SHA1

28b01667f1d3befe1f472bdcc23fdf1d48f191c4
SHA256

468f0f11af5d81f21699f774ee9504ad2ddeee53b98f0ff6b7d362594628e263
SHA512

a9b2e4fa0ba8ac95b76fb1656dd0ff270c9802c9a71967f06bc7ea042883fee9a2eb404fa9ce32a7dc8ba9a4cda81c721f5b8e95ca0cc904f0510ac835e3a69e
SSDEEP

1536:qFR/NQkvLZYM0Pv2x3vdGJjjzuFQpTTOx3SM:IR/NRLD0HqFGpzcCUiM

Score

10^/10

gafgyt

Malware Config

Extracted

Family

gafgyt

C2

84.54.51.49:888

Signatures

Detected Gafgyt variant 1 IoCs

resource	yara_rule
static1/unpack001/c7a2a4e9f475ecabf3c015e04e1c7ce737bb82f0bf2f1cd8fb880aad667ba361.elf	family_gafgyt

Gafgyt family
gafgyt

Files

1d80d302483e4e692ddc941b23904b6b.bin
.zip

Password: infected
c7a2a4e9f475ecabf3c015e04e1c7ce737bb82f0bf2f1cd8fb880aad667ba361.elf
.elf linux arm