gafgyt | 1aeb2935aec67978bfdab8243470b577[.]bin | Triage

Sharing

General

Target

1aeb2935aec67978bfdab8243470b577.bin
Size

57KB
MD5

ee9d2c0324a7312080e5255ff7b9f818
SHA1

32f904731b4051deabe157ebaaa1c6c8d8cb18ce
SHA256

8c8c04ec1ec8cf4cdc5b3252a41d545041124549bc5fd8c241cff01a136cc5d2
SHA512

e979dc48d21051b6c5084f3f8bf67c9d105a31e230551b2ddbd44c336bed7118a9469fa7b11c15c904a6b54604e15c791f10a717f2d780486e44a504d0573923
SSDEEP

1536:Cgjt21xm2gdjxTiwKACW9lMhHKBQxcYDAD:CgjtkYAfEQH2TYcD

Score

10^/10

gafgyt

Malware Config

Extracted

Family

gafgyt

C2

154.213.186.115:4444

Signatures

Detected Gafgyt variant 1 IoCs

resource	yara_rule
static1/unpack001/936937cb11ad426210af65f850f4afee5713e324ad703a12d0b5f687ea84cf57.elf	family_gafgyt

Gafgyt family
gafgyt

Files

1aeb2935aec67978bfdab8243470b577.bin
.zip

Password: infected
936937cb11ad426210af65f850f4afee5713e324ad703a12d0b5f687ea84cf57.elf
.elf linux x86