gafgyt | 658a433c7426c352d9fcb2b4ca28b29e[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

658a433c7426c352d9fcb2b4ca28b29e.bin
Size

64KB
MD5

65451524f35d082c9366c4f9c3fbd8c2
SHA1

8496948cb1b936d50cf8bfecf142a720f2a9a2de
SHA256

1d7c82e16f90184e69a66fe591ef785bb901afdf7b0169403d1c8583110a627c
SHA512

4ba218d7ef0d3c7417add070646d850014a41400812c72aef29d1487cb93fef2b7c0a661b3eb61a0d8c28aa51780c05c588b959f643a8eb27d4bb1b8ee2a6286
SSDEEP

1536:qojO0AHJIuaLXbQoEcINDEuOkUzuq5MumK:vK0kSvQoklEuO96qCxK

Score

10^/10

gafgyt

Malware Config

Extracted

Family

gafgyt

C2

176.97.114.45:666

Signatures

Detected Gafgyt variant 1 IoCs

resource	yara_rule
static1/unpack001/288952f7abbf2fe76764ad920abcc0760b0209f0ba42e1fdd3cbe59f506744d4.elf	family_gafgyt

Gafgyt family
gafgyt

Files

658a433c7426c352d9fcb2b4ca28b29e.bin
.zip

Password: infected
288952f7abbf2fe76764ad920abcc0760b0209f0ba42e1fdd3cbe59f506744d4.elf
.elf linux arm