General

  • Target

    1f41f8c3a65d31989eb1d7fc5fda6c2cbbfe25b279df874bac9c12dc647928d8

  • Size

    302KB

  • MD5

    00215f103ac5a93b46bacdf7e3348e49

  • SHA1

    e9b5693a2582dfdf4146c5edc5dc64d5837f504e

  • SHA256

    1f41f8c3a65d31989eb1d7fc5fda6c2cbbfe25b279df874bac9c12dc647928d8

  • SHA512

    2ba75cd31cb5d000998bd8527ce758b5fd73ba94dd82b63cf8d3c6603e49e6d3ed77459cf72e688ffec4236dbdb440f0bef00df431e1e190641f47fcc88384b5

  • SSDEEP

    6144:RmcD66RbQ5JGmrpQsK3RD2u270jupCJsCxCc:kcD66rZ2zkPaCx5

Score
10/10

Malware Config

Extracted

Family

cybergate

Version

2.6

Botnet

ÖÍíÉ

C2

profist.myftp.biz:1404

Mutex

***MUTEX***

Attributes
  • enable_keylogger

    true

  • enable_message_box

    false

  • ftp_directory

    ./logs/

  • ftp_interval

    30

  • injected_process

    svchost.exe

  • install_file

    windows.exe

  • install_flag

    true

  • keylogger_enable_ftp

    false

  • message_box_caption

    texto da mensagem

  • message_box_title

    título da mensagem

  • password

    999999

Signatures

Files

  • 1f41f8c3a65d31989eb1d7fc5fda6c2cbbfe25b279df874bac9c12dc647928d8
    .exe windows x86

