gafgyt | 2521efbff8e8a6bdcdb1eaab862c4835[.]bin | Triage

Sharing

General

Target

2521efbff8e8a6bdcdb1eaab862c4835.bin
Size

51KB
MD5

b17ecb8fd030f3d42355ad60fd4a6295
SHA1

de9b41ecd704bea8fa9a1a4c0b592cc392935e7a
SHA256

4d19ced2ef52e5d44b0c089c6200433a79ce7cb41859060c0086d6fd6d48399e
SHA512

8faf7d03c6604193b4406425e2b8827a55b54b41bb830cfba16ddb722e3c73e76b97b100ca02fabe81b7224792aa15248913b67c4c28f3daf783e9ee608e3523
SSDEEP

1536:Qe794LAeGbJoChiBkKcixsYubNBQMmyRvgrg:QK9iAUNVci5WQbIYU

Score

10^/10

gafgyt

Malware Config

Extracted

Family

gafgyt

C2

154.213.187.62:1865

Signatures

Detected Gafgyt variant 1 IoCs

resource	yara_rule
static1/unpack001/ffa5146ffa217aa42b4f38d3d8b000d50c4f43328a8257a5514abf53a51631c2.elf	family_gafgyt

Gafgyt family
gafgyt

Files

2521efbff8e8a6bdcdb1eaab862c4835.bin
.zip

Password: infected
ffa5146ffa217aa42b4f38d3d8b000d50c4f43328a8257a5514abf53a51631c2.elf
.elf linux arm