General

  • Target

    bcdfceff072b4e8b5e733482b26d6600406ba87a6bdcd57889a315d8d252c0fc

  • Size

    276KB

  • MD5

    61a1528ff2412e7b316394427ef5e510

  • SHA1

    40445cc0ee2049de3cd75a07b3391e0137348e4e

  • SHA256

    bcdfceff072b4e8b5e733482b26d6600406ba87a6bdcd57889a315d8d252c0fc

  • SHA512

    e1f0b41b30feb631d9f85a9a1be4681d0fb164784ce6165a3e83694078a0d6a92b0ce095f91863f39019decd3f650fee805874c8b29d31299827c630014e7ade

  • SSDEEP

    6144:lk4qmEds0W5cpMwPc+cV6DqhoJ8ZQbzJ/hAJKbroY:i9uVTwh6QvJpAJgro

Score
10/10

Malware Config

Extracted

Family

cybergate

Version

2.6

Botnet

vítima (Portuguese: "victim"; the value is kept verbatim as an indicator)

C2

127.0.0.1:81 (loopback address, not a remotely reachable C2)

hackerpalstinae.no-ip.org:82 (dynamic DNS hostname)

Mutex

***MUTEX***

Attributes
  • enable_keylogger

    true

  • enable_message_box

    false

  • ftp_directory

    ./logs/

  • ftp_interval

    30

  • injected_process

    explorer.exe

  • install_dir

    install

  • install_file

    server.exe

  • install_flag

    true

  • keylogger_enable_ftp

    false

  • message_box_caption

texto da mensagem (Portuguese: "message text"; kept verbatim)

  • message_box_title

título da mensagem (Portuguese: "message title"; kept verbatim)

  • password

    abcd1234
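As an added example (not part of this report or of any sandbox's own tooling), the Python below turns the extracted configuration into host and network indicators and checks them against a few constructed log lines. The tab-separated log format, the sample lines, and the helper names are assumptions made for illustration; the indicator values are copied from the configuration above.

```python
"""Derive hunt indicators from the extracted CyberGate config and
test them against constructed log lines.

Added example, not code from the report or from any sandbox.
Log format ('source<TAB>event<TAB>detail') and sample lines are constructed.
"""
from __future__ import annotations
import re

# Values copied from the extracted configuration above.
CONFIG = {
    "family": "cybergate",
    "version": "2.6",
    "c2": ["127.0.0.1:81", "hackerpalstinae.no-ip.org:82"],
    "mutex": "***MUTEX***",
    "injected_process": "explorer.exe",
    "install_dir": "install",
    "install_file": "server.exe",
    "install_flag": True,
    "enable_keylogger": True,
}

# Constructed sample log lines (assumed format, not real telemetry).
SAMPLE_LOGS = [
    "dns\tquery\thackerpalstinae.no-ip.org",
    "sysmon\tCreateMutex\t\\BaseNamedObjects\\***MUTEX***",
    "dns\tquery\tupdate.microsoft.com",
    "file\tcreate\tC:\\Users\\a\\install\\server.exe",
    "net\tconnect\t127.0.0.1:81",
]


def derive_iocs(cfg: dict) -> dict:
    """Split the config into indicators worth hunting for.

    Loopback C2 entries are reported separately: they never produce
    observable network traffic, so hunting on them only adds noise.
    """
    hosts, ports, loopback = [], set(), []
    for entry in cfg["c2"]:
        host, _, port = entry.rpartition(":")
        if host.startswith("127."):
            loopback.append(entry)
            continue
        hosts.append(host.lower())
        ports.add(int(port))
    return {
        "c2_hosts": hosts,
        "c2_ports": sorted(ports),
        "loopback_placeholders": loopback,
        "mutex": cfg["mutex"],
        # Path fragment only: install_dir is relative in the report, so
        # the root directory is deliberately not assumed here.
        "install_path_fragment": f'{cfg["install_dir"]}\\{cfg["install_file"]}',
    }


def match_log_lines(lines: list[str], iocs: dict) -> list[tuple[int, str]]:
    """Return (line_number, reason) for each line that hits an indicator."""
    hits = []
    host_re = None
    if iocs["c2_hosts"]:
        host_re = re.compile("|".join(re.escape(h) for h in iocs["c2_hosts"]), re.I)
    for n, line in enumerate(lines, 1):
        if host_re and host_re.search(line):
            hits.append((n, "c2_host"))
        elif iocs["mutex"] in line:
            hits.append((n, "mutex"))
        elif iocs["install_path_fragment"].lower() in line.lower():
            hits.append((n, "install_path"))
    return hits


if __name__ == "__main__":
    iocs = derive_iocs(CONFIG)
    for n, reason in match_log_lines(SAMPLE_LOGS, iocs):
        print(f"line {n}: {reason}: {SAMPLE_LOGS[n - 1]}")
```

The loopback entry is split out on purpose: a `127.0.0.1` C2 tells you nothing about the operator's infrastructure, while the no-ip.org hostname, the mutex, and the `install\server.exe` path fragment are the artifacts worth turning into DNS, Sysmon, and file-creation queries.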

Signatures

  • Cybergate family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

Files

  • bcdfceff072b4e8b5e733482b26d6600406ba87a6bdcd57889a315d8d252c0fc
    .exe windows x86

  • out.upx (UPX-unpacked output)
    .exe windows x86