cybergate | 473f80b3430a5b6b40ade08f3b1262ec86fa8aa713d54d7fdfb36b9c39dd702d | Triage

Submit
Reports

Overview

overview

Static

static

473f80b343...2d.exe

windows7-x64

473f80b343...2d.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

473f80b3430a5b6b40ade08f3b1262ec86fa8aa713d54d7fdfb36b9c39dd702d.exe

Resource

win7-20220812-en

cybergate test persistence stealer trojan upx

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

473f80b3430a5b6b40ade08f3b1262ec86fa8aa713d54d7fdfb36b9c39dd702d.exe

Resource

win10v2004-20220812-en

cybergate test persistence stealer trojan upx

windows10-2004-x64

14 signatures

150 seconds

General

Target

473f80b3430a5b6b40ade08f3b1262ec86fa8aa713d54d7fdfb36b9c39dd702d
Size

297KB
MD5

579cae64c297512ee1a9cb18fa166f16
SHA1

9e465dd1c250c86c53e9e13b4a5aebd485d88f7c
SHA256

473f80b3430a5b6b40ade08f3b1262ec86fa8aa713d54d7fdfb36b9c39dd702d
SHA512

c67e5b6c09db3e352a755aa9cbe867c094eed2fc62f3315c40e3698b595e747d3117ea0299ca8f1722fd1f515a7699460e85e7e9f588b38f58e49f9e77b810c9
SSDEEP

6144:8OpslFlqLhdBCkWYxuukP1pjSKSNVkq/MVJbi:8wsl8TBd47GLRMTbi

Score

10^/10

test cybergate

Malware Config

Extracted

Family

cybergate

Version

v1.07.5

Botnet

test

C2

stickker.no-ip.biz:5111

Mutex

B0477LDG30X3OV

Attributes

enable_keylogger
false
enable_message_box
false
ftp_directory
./logs/
ftp_interval
30
injected_process
explorer.exe
install_dir
fire
install_file
fire-ro bypass.exe
install_flag
true
keylogger_enable_ftp
false
message_box_caption
Remote Administration anywhere in the world.
message_box_title
CyberGate
password
test
regkey_hkcu
HKCU
regkey_hklm
HKLM

Signatures

Cybergate family
cybergate

Files

473f80b3430a5b6b40ade08f3b1262ec86fa8aa713d54d7fdfb36b9c39dd702d
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 233KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy