General

  • Target

    7f1fd90564ab2104778b06a4fa228da807b04747b40d19f298208c544fbfe628

  • Size

    290KB

  • MD5

    340b258aa391dd052df749290a6640c6

  • SHA1

    f022c286f5954db65f34ff98ff26fcf400fb047b

  • SHA256

    7f1fd90564ab2104778b06a4fa228da807b04747b40d19f298208c544fbfe628

  • SHA512

    44d1ad77691be40112d5a9395f654903ba8a5bf5285dcfffcd8b2a3ce5b1c0d8dec821a79534860c359611f5628c497ae23ea73c2456ea25dbc9a15456a81556

  • SSDEEP

    6144:dmcD66RRjw5JGmrpQsK3RD2u270jupCJsCxC0:IcD663NZ2zkPaCxv

Score
10/10

Malware Config

Extracted

Family

cybergate

Version

2.6

Botnet

vítima

C2

moon25.no-ip.biz:288

Mutex

***MUTEX***

Attributes
  • enable_keylogger

    true

  • enable_message_box

    false

  • ftp_directory

    ./logs/

  • ftp_interval

    30

  • injected_process

    explorer.exe

  • install_dir

    install

  • install_file

    server.exe

  • install_flag

    true

  • keylogger_enable_ftp

    false

  • message_box_caption

    texto da mensagem

  • message_box_title

    título da mensagem

  • password

    abcd1234

Signatures

Files

  • 7f1fd90564ab2104778b06a4fa228da807b04747b40d19f298208c544fbfe628
    .exe windows x86

