Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

9042f38783...ad.exe

windows7-x64

1

9042f38783...ad.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9042f38783879abc19d72d9040c54cb4d7d0f21b96bcffbcc3add726da4880ad

  • Size

    290KB

  • Sample

    221003-hzym6scfg3

  • MD5

    4c78d02776468f94ae8f697ed5f8dcdf

  • SHA1

    3df51eac7d050d77f771a234199cccbbb1903ac6

  • SHA256

    9042f38783879abc19d72d9040c54cb4d7d0f21b96bcffbcc3add726da4880ad

  • SHA512

    bcd69c6b1a7daca7a4564fe9d6ee563921d48bb8d45c734ad62db6a566c398fd5e0d20fc9c9c71c2d166b3a234d50691c98588c69a6c38a140f8b03efd3310e3

  • SSDEEP

    6144:ImcD66zRji5JGmrpQsK3RD2u270jupCJsCxCv:BcD66h7Z2zkPaCxA

Score
10/10
cybergateöííé

Malware Config

Extracted

Family

cybergate

Version

2.6

Botnet

ÖÍíÉ

C2

hamza12213.no-ip.biz:288

Mutex

***MUTEX***

Attributes
  • enable_keylogger

    true

  • enable_message_box

    false

  • ftp_directory

    ./logs/

  • ftp_interval

    30

  • injected_process

    svchost.exe

  • install_file

    windows.exe

  • install_flag

    true

  • keylogger_enable_ftp

    false

  • message_box_caption

    texto da mensagem

  • message_box_title

    t?tulo da mensagem

  • password

    abcd1234

Targets

    • Target

      9042f38783879abc19d72d9040c54cb4d7d0f21b96bcffbcc3add726da4880ad

    • Size

      290KB

    • MD5

      4c78d02776468f94ae8f697ed5f8dcdf

    • SHA1

      3df51eac7d050d77f771a234199cccbbb1903ac6

    • SHA256

      9042f38783879abc19d72d9040c54cb4d7d0f21b96bcffbcc3add726da4880ad

    • SHA512

      bcd69c6b1a7daca7a4564fe9d6ee563921d48bb8d45c734ad62db6a566c398fd5e0d20fc9c9c71c2d166b3a234d50691c98588c69a6c38a140f8b03efd3310e3

    • SSDEEP

      6144:ImcD66zRji5JGmrpQsK3RD2u270jupCJsCxCv:BcD66h7Z2zkPaCxA

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks