gafgyt | 1a5663e45fb221ab95c0161f0e63473a[.]bin | Triage

Sharing

General

Target

1a5663e45fb221ab95c0161f0e63473a.bin
Size

51KB
MD5

3e4bf796e6882e111eae64cc3e877a4e
SHA1

55475c6f9a1f2e6823326a83e24564efcaf72594
SHA256

eee394c8b004377b73c00ca3d9443aaa52e651a3ad0b8ebc3ebfe94396b0f0c5
SHA512

2fed7aac4a87c3d19216f9dca6294208628e041574d3d864bced334623c534d60fc71d261fb7f4597b1222e8eace4782c77306b2ad6492b2e297d017d63c9412
SSDEEP

1536:nokG7yRnOT/+J6oG7khDmF3iqumQA4jiZMN45:nvG7ydOT/lFwSiq314eM25

Score

10^/10

gafgyt

Malware Config

Extracted

Family

gafgyt

C2

195.201.59.165:1865

Signatures

Detected Gafgyt variant 1 IoCs

resource	yara_rule
static1/unpack001/074afa8a2aa53112b516f2a038bfc949c9d774ea46c171a131677d39fa640900.elf	family_gafgyt

Gafgyt family
gafgyt

Files

1a5663e45fb221ab95c0161f0e63473a.bin
.zip

Password: infected
074afa8a2aa53112b516f2a038bfc949c9d774ea46c171a131677d39fa640900.elf
.elf linux arm