General
-
Target
eb71f462c91acd01d8e69236807db9823fd6ad9b7a1d778c5664d443b0ff9c78
-
Size
113KB
-
Sample
221030-g4rvragear
-
MD5
a335b0a2aaff367ae7fa40dc801064bb
-
SHA1
d7c6f60d111e295351a152b5d628f2c96c40d505
-
SHA256
eb71f462c91acd01d8e69236807db9823fd6ad9b7a1d778c5664d443b0ff9c78
-
SHA512
68e7a43a150a0a5b5d7373e6b8ade1d01677782573f05b65df274fdfd35f9f09fc077d800185c0fee3d639faab36a4baddb9a68e406932b028b146b5f1b9946f
-
SSDEEP
1536:xuoATp+AW5oUEVWqX6nk59QFAqj4ulqxIl4ZryBcnxhCQOhjfY0KY:PATpuydVEOyqGnlqxIl4ZyBKhdOhbYY
Behavioral task
behavioral1
Sample
eb71f462c91acd01d8e69236807db9823fd6ad9b7a1d778c5664d443b0ff9c78.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
eb71f462c91acd01d8e69236807db9823fd6ad9b7a1d778c5664d443b0ff9c78.exe
Resource
win10v2004-20220901-en
Malware Config
Extracted
cybergate
v1.07.5
1
94.102.0.56:82
VE8548240R1EI6
-
enable_keylogger
true
-
enable_message_box
false
-
ftp_directory
./logs/
-
ftp_interval
30
-
injected_process
explorer.exe
-
install_dir
install
-
install_file
server.exe
-
install_flag
true
-
keylogger_enable_ftp
false
-
message_box_caption
Remote Administration anywhere in the world.
-
message_box_title
CyberGate
-
password
1
Targets
-
-
Target
eb71f462c91acd01d8e69236807db9823fd6ad9b7a1d778c5664d443b0ff9c78
-
Size
113KB
-
MD5
a335b0a2aaff367ae7fa40dc801064bb
-
SHA1
d7c6f60d111e295351a152b5d628f2c96c40d505
-
SHA256
eb71f462c91acd01d8e69236807db9823fd6ad9b7a1d778c5664d443b0ff9c78
-
SHA512
68e7a43a150a0a5b5d7373e6b8ade1d01677782573f05b65df274fdfd35f9f09fc077d800185c0fee3d639faab36a4baddb9a68e406932b028b146b5f1b9946f
-
SSDEEP
1536:xuoATp+AW5oUEVWqX6nk59QFAqj4ulqxIl4ZryBcnxhCQOhjfY0KY:PATpuydVEOyqGnlqxIl4ZyBKhdOhbYY
Score1/10 -