gafgyt | 86e0ecb88b3a5880862e0be8e3ab0fc1[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

86e0ecb88b3a5880862e0be8e3ab0fc1.bin
Size

50KB
MD5

c3f1e7adb4ef8ac3e06ff765e4c64de7
SHA1

f49bbc445b6d2474f98f7da84e892f1ee56867af
SHA256

1c707809e5bffb86db0e6049bd0e34f71822bf2ffe0c0a8c9b5190ed3683adb4
SHA512

2eca2ed179965cbb6913e0a928395cc486aa7489bf2caa02d7618756466cfb7c185d20e4f41c1386f26b66f36326d6c0d1ea1e4948915a7556898a4d2b729031
SSDEEP

1536:ovuSHS6NzoUtrzmSppJEfSBPKuzGWlcUr21:oZHSqoURaS3JEqBPKFWlbw

Score

10^/10

gafgyt

Malware Config

Extracted

Family

gafgyt

C2

31.172.83.147:4258

Signatures

Detected Gafgyt variant 1 IoCs

resource	yara_rule
static1/unpack001/223081fec38b805a88edf16c10d9dbc961af19af51edf96ae7fe4af15ff23671.elf	family_gafgyt

Gafgyt family
gafgyt

Files

86e0ecb88b3a5880862e0be8e3ab0fc1.bin
.zip

Password: infected
223081fec38b805a88edf16c10d9dbc961af19af51edf96ae7fe4af15ff23671.elf
.elf linux arm