General

  • Target

    34925d858eea9740e1ffa546d9601dd59f1397534dcdb76a0a6e4fdc94b394fd

  • Size

    290KB

  • MD5

    0bb0c4e361fff60f01948136147bd5b0

  • SHA1

    d22c63d2afa6035fe2c94beeaffcdcf30c14717f

  • SHA256

    34925d858eea9740e1ffa546d9601dd59f1397534dcdb76a0a6e4fdc94b394fd

  • SHA512

    793be4432bb50253db15ec3ffaace29aad53880b4265aed40434c777e63d25c1b2cf6b298c4eeda47361216ab6bedcbf9a7570d22fb3aa69a974d8cb330c34e5

  • SSDEEP

    6144:OOpslFlqyhdBCkWYxuukP1pjSKSNVkq/MVJbQ:OwslHTBd47GLRMTbQ

Score
10/10

Malware Config

Extracted

Family

cybergate

Version

v1.07.5

Botnet

Avira Crack

C2

mafiaidol.myvnc.com:258

Mutex

71BD157KO7RM0N

Attributes
  • enable_keylogger

    true

  • enable_message_box

    true

  • ftp_directory

    ./logs/

  • ftp_interval

    30

  • injected_process

    explorer.exe

  • install_dir

    silent

  • install_file

    antivirus.exe

  • install_flag

    true

  • keylogger_enable_ftp

    false

  • message_box_caption

    Thanks for use our silent antivirus . now your pc is protected with this software , no meaasges will apear to you - auto kick any hackers out of your pc - auto remove virus and trojan - keep your connection without any attacker for install please click yes and restart your computer www.mircosoft.com

  • message_box_title

    Mircosoft silent antivirus

  • password

    cybergate

  • regkey_hkcu

    config

  • regkey_hklm

    system

Signatures

Files

  • 34925d858eea9740e1ffa546d9601dd59f1397534dcdb76a0a6e4fdc94b394fd
    .exe windows x86

