gafgyt | 5eee5eb2e31d7d9bb8c5925ecb8e2deb[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5eee5eb2e31d7d9bb8c5925ecb8e2deb.bin
Size

66KB
MD5

f9be9034020ee2e535401d35f694e587
SHA1

032845c84c1c9eb4d6b0c4bfa91e17ef6bd5b591
SHA256

ef8433c238f8e3f0bf8c2c6517baf5eb5e84cd862fd821eb105b3aba2647cd2f
SHA512

e1ed5c59e25110535566657a9fec766e2d997a93ce1276adee68d2e56d78469c3b5f207b23bca572cb0cc56f9c044a42796b1fd0701010dbdf50d67c2cdde374
SSDEEP

1536:PtPodCFgvIBEgT9QVNZy2hXR5iEj0TGytixdz:P+d9vKXiVNkgR5bQTG/

Score

10^/10

gafgyt

Malware Config

Extracted

Family

gafgyt

C2

93.123.85.167:77

Signatures

Detected Gafgyt variant 1 IoCs

resource	yara_rule
static1/unpack001/9d883e513abd050da28b51de7ec2cdab5d49ef511993135cc48193faf24d6a94.elf	family_gafgyt

Gafgyt family
gafgyt

Files

5eee5eb2e31d7d9bb8c5925ecb8e2deb.bin
.zip

Password: infected
9d883e513abd050da28b51de7ec2cdab5d49ef511993135cc48193faf24d6a94.elf
.elf linux mipsel