General
-
Target
b42958ac08e2bb3f1af8ac52bab93faa80311879e66e64c43f4992b4cc7e2cf0
-
Size
267KB
-
Sample
221021-wthlnahfh5
-
MD5
75675ab18ffb688664df276fe7008d20
-
SHA1
fa29983d3a34266242863580eb1b6c4c53236b4c
-
SHA256
b42958ac08e2bb3f1af8ac52bab93faa80311879e66e64c43f4992b4cc7e2cf0
-
SHA512
4a6b7982b897a6391c506cbb8a3fdec7e0aab03b0700b0c90d49befc0d29c8233cc9cd630ef521f42af3eb11a4033b3a8e8e04ede63dc74a4671fe04af497655
-
SSDEEP
6144:TkTmyyl3x/1c7kReB9s5RtXC5zPiksJI353UsOSeI/v6vIKAjv6S0Sa:oUF1Okcort+zZ/5RqOc+D6
Behavioral task
behavioral1
Sample
b42958ac08e2bb3f1af8ac52bab93faa80311879e66e64c43f4992b4cc7e2cf0.exe
Resource
win7-20220812-en
Malware Config
Extracted
cybergate
v1.02.1
Lammer
virusss.no-ip.org:1413
Pluguin
-
enable_keylogger
true
-
enable_message_box
true
-
ftp_directory
./
-
ftp_interval
30
-
injected_process
explorer.exe
-
install_dir
Drivers
-
install_file
Gerenciador de áudio Realtek.exe
-
install_flag
true
-
keylogger_enable_ftp
false
-
message_box_caption
VOCÊ FOI HACKEADO ...SEU SISTEMA SERÁ FORMATADO.
-
message_box_title
LAMMER
-
password
123
-
regkey_hkcu
FWEJ
-
regkey_hklm
Java[TM] Update
Targets
-
-
Target
b42958ac08e2bb3f1af8ac52bab93faa80311879e66e64c43f4992b4cc7e2cf0
-
Size
267KB
-
MD5
75675ab18ffb688664df276fe7008d20
-
SHA1
fa29983d3a34266242863580eb1b6c4c53236b4c
-
SHA256
b42958ac08e2bb3f1af8ac52bab93faa80311879e66e64c43f4992b4cc7e2cf0
-
SHA512
4a6b7982b897a6391c506cbb8a3fdec7e0aab03b0700b0c90d49befc0d29c8233cc9cd630ef521f42af3eb11a4033b3a8e8e04ede63dc74a4671fe04af497655
-
SSDEEP
6144:TkTmyyl3x/1c7kReB9s5RtXC5zPiksJI353UsOSeI/v6vIKAjv6S0Sa:oUF1Okcort+zZ/5RqOc+D6
-