gafgyt | cee64c4d7a3535fb9f6235bac041e569[.]bin | Triage

Sharing

General

Target

cee64c4d7a3535fb9f6235bac041e569.bin
Size

49KB
MD5

c188c241b9e37f61ae17c7a52c8b5c7b
SHA1

ffc23656edbc595916020ed8e6395c82ed80217e
SHA256

f00b26652ec2980c553b663e59a47baf25accc89a241580bd5e305e003321df2
SHA512

b737526f865fb8d2db7dd781f2123c53250e48a24d0a045099dd05e89b079212411bb07d17b463ec1756852814a54208d87e47428ff7bb102f5ba1f8cc084b80
SSDEEP

1536:zRM08X91r7VanQbNlfA/r3K7V21jJWp0v7P:1fa9FVyAA/r3K7Mtvz

Score

10^/10

gafgyt

Malware Config

Extracted

Family

gafgyt

C2

38.58.177.229:4258

Signatures

Detected Gafgyt variant 1 IoCs

resource	yara_rule
static1/unpack001/a981d9b81847958256835570298fd0af776b4ca70aa248bb6ed39a31fb713bab.elf	family_gafgyt

Gafgyt family
gafgyt

Files

cee64c4d7a3535fb9f6235bac041e569.bin
.zip

Password: infected
a981d9b81847958256835570298fd0af776b4ca70aa248bb6ed39a31fb713bab.elf
.elf linux arm