General

  • Target

    81fe468e16bbdd850a9ed7e434e52ea8d36c177cd1946bb6a28708b93123b03b

  • Size

    290KB

  • MD5

    1231f10478b371cd559c12dcad52e031

  • SHA1

    172a3c9ab555c6129d9b01e8c40127b293ab37e6

  • SHA256

    81fe468e16bbdd850a9ed7e434e52ea8d36c177cd1946bb6a28708b93123b03b

  • SHA512

    7492b3248692861fa5221edcf5f71443ee18f2e60ac92fb3d538e4559fb18954a4c60584c9b39b8acebc4646c106cdaf8afacf07a6c733e62fff72d460d61216

  • SSDEEP

    6144:YmcD66RRja5JGmrpQsK3RD2u270jupCJsCxCS:xcD663jZ2zkPaCxR

Score
10/10

Malware Config

Extracted

Family

cybergate

Version

2.6

Botnet

ÖÍíÉ

C2

ay0b.no-ip.org:82

Mutex

***MUTEX***

Attributes
  • enable_keylogger

    true

  • enable_message_box

    false

  • ftp_directory

    ./logs/

  • ftp_interval

    30

  • injected_process

    svchost.exe

  • install_file

    windows.exe

  • install_flag

    true

  • keylogger_enable_ftp

    false

  • message_box_caption

    texto da mensagem

  • message_box_title

    título da mensagem

  • password

    abcd1234

Signatures

Files

  • 81fe468e16bbdd850a9ed7e434e52ea8d36c177cd1946bb6a28708b93123b03b
    .exe windows x86

