General
-
Target
331462e26ebb1bcc7bc0800b52b4ec376024c9221e853ac22f09b1bd9fb2320b
-
Size
217KB
-
Sample
221004-hsab1ageg7
-
MD5
5a9d79a675cef4f854ec59417406cf30
-
SHA1
cfafce667e44a5b6fbb6bdb73bf543dcb97fb982
-
SHA256
331462e26ebb1bcc7bc0800b52b4ec376024c9221e853ac22f09b1bd9fb2320b
-
SHA512
52d2e5bd99c461c9b002192ccca2fe2eb6140a87c6137f797114e40874ee486cd3353437824ab221de700fa6c8a57ddb3e508be0764cce13e2d7226efe7f87a1
-
SSDEEP
3072:PATpuydVEOyqGnlqxIl4ZyBKhdOhbYCkW7E/Zuuke0EEQwpXTBROniNKYHkno:POpslFlqJhdBCkWYxuukP1pjSKSo
Behavioral task
behavioral1
Sample
331462e26ebb1bcc7bc0800b52b4ec376024c9221e853ac22f09b1bd9fb2320b.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
331462e26ebb1bcc7bc0800b52b4ec376024c9221e853ac22f09b1bd9fb2320b.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
cybergate
v1.07.5
1
94.102.0.56:82
VE8548240R1EI6
-
enable_keylogger
true
-
enable_message_box
false
-
ftp_directory
./logs/
-
ftp_interval
30
-
injected_process
explorer.exe
-
install_dir
install
-
install_file
server.exe
-
install_flag
true
-
keylogger_enable_ftp
false
-
message_box_caption
Remote Administration anywhere in the world.
-
message_box_title
CyberGate
-
password
1
Targets
-
-
Target
331462e26ebb1bcc7bc0800b52b4ec376024c9221e853ac22f09b1bd9fb2320b
-
Size
217KB
-
MD5
5a9d79a675cef4f854ec59417406cf30
-
SHA1
cfafce667e44a5b6fbb6bdb73bf543dcb97fb982
-
SHA256
331462e26ebb1bcc7bc0800b52b4ec376024c9221e853ac22f09b1bd9fb2320b
-
SHA512
52d2e5bd99c461c9b002192ccca2fe2eb6140a87c6137f797114e40874ee486cd3353437824ab221de700fa6c8a57ddb3e508be0764cce13e2d7226efe7f87a1
-
SSDEEP
3072:PATpuydVEOyqGnlqxIl4ZyBKhdOhbYCkW7E/Zuuke0EEQwpXTBROniNKYHkno:POpslFlqJhdBCkWYxuukP1pjSKSo
Score1/10 -