gafgyt | 3b6ef94ff7bfeaba0f600ea8938a5a85[.]bin | Triage

Sharing

General

Target

3b6ef94ff7bfeaba0f600ea8938a5a85.bin
Size

66KB
MD5

7c6b2660f8a4b7ef21beb48211401fb6
SHA1

384debd3ac37e75b3b43f40c0fc4e8eddb300580
SHA256

fb816e722e49e600af321a713d4e12b313f64410e3d4513b01468ec016d53f45
SHA512

20328661cc5295195ac40dc41e07d19552cb1e0d26c8724de791fdc742bbf0ae31a5cb0946cfff2c41f0a407aafd86be691b24c19d5313a0c390787b7430234e
SSDEEP

1536:I8NioXXzX8+YUgYnP2rN2MUk9mBrVWWFGlGj4fySA:XrXz/YUjnfMUk4WWQl3VA

Score

10^/10

gafgyt

Malware Config

Extracted

Family

gafgyt

C2

185.103.102.219:4258

Signatures

Detected Gafgyt variant 1 IoCs

resource	yara_rule
static1/unpack001/2084f2448a61fe7fa9b857d5be2c0d25806625c317132acfc185538419dc8b0b.elf	family_gafgyt

Gafgyt family
gafgyt

Files

3b6ef94ff7bfeaba0f600ea8938a5a85.bin
.zip

Password: infected
2084f2448a61fe7fa9b857d5be2c0d25806625c317132acfc185538419dc8b0b.elf
.elf linux arm