General

  • Target: db62f41251200fed105c8c32c0d56a0950c20ee3b9027f255f597b567b39b91e
  • Size: 283KB
  • MD5: 74e8eae2ae39d73191ceb12539331200
  • SHA1: 4c19d984984d8396f0835bdf2e086a903bdf24c8
  • SHA256: db62f41251200fed105c8c32c0d56a0950c20ee3b9027f255f597b567b39b91e
  • SHA512: bb0eb1e5f36a817ffce5cb3af9c6ba6339f8142aa10ee849a04a8f20a2f25b4c888e076dd2739e4b6e3af310c1eb1c8178af4c908276de6a997d868cc77afdcf
  • SSDEEP: 6144:TmcD66RRjJ5JGmrpQsK3RD2u270jupCJsCxCl:qcD663UZ2zkPaCxe

Score: 10/10

Malware Config

Extracted

  • Family: cybergate
  • Version: 2.6
  • Botnet: HackeaDo
  • C2: 127.0.0.1:2000, 127.0.0.1:3333, 127.0.0.1:4000
  • Mutex: Explorer

Attributes

  • enable_keylogger: true
  • enable_message_box: true
  • ftp_directory: ./logs/
  • ftp_interval: 30
  • injected_process: explorer.exe
  • install_dir: Microsoft
  • install_file: Explorer.exe
  • install_flag: true
  • keylogger_enable_ftp: false
  • message_box_caption: FUNFOU
  • message_box_title: FUNFOU
  • password: 123

Files

  • db62f41251200fed105c8c32c0d56a0950c20ee3b9027f255f597b567b39b91e (.exe, windows, x86)