General
Target: 240616-xsflcaxbrn_pw_infected.zip
Size: 55KB
MD5: 3cd7f5ba2544cd15a14bbc56ff4d302a
SHA1: 076679db64e090ea4b84af3da3dd331202abec7e
SHA256: fdda10f627203bbb5b40c43019153a9f2dee2696e0b76b518888517da2699706
SHA512: febb97a2b0a884fcc45ad933a2344457621ff3ceac8a9cb376f952ea224637978b9f3a4fee0d70c04c977746538d7c413306c157b0a9cb596e4206112282e8f3
SSDEEP: 1536:C7+1P4qepXdjzaMHSAOPWPFVTRkYqzDg5jHFRMcjt+s:A84q+BaMweNMYggV5+s
Score: 10/10
Malware Config
Extracted
Family: gafgyt
C2: 107.172.153.90:1337
Signatures
Detected Gafgyt variant (1 IoCs)
resource: static1/unpack001/b4b945e1150b131d0f52895a5f0bfa5c_JaffaCakes118
yara_rule: family_gafgyt
Gafgyt family
Files
240616-xsflcaxbrn_pw_infected.zip.zip
Password: infected
b4b945e1150b131d0f52895a5f0bfa5c_JaffaCakes118.elf linux sh