cybergate | 1edee4036874d31f78678b32b8f43c2870028e15a165db331b1a1bbd8763779c | Triage

Submit
Reports

Overview

overview

Static

static

1edee40368...9c.exe

windows7-x64

1edee40368...9c.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

vítima cybergate

1 signatures

Behavioral task

behavioral1

Sample

1edee4036874d31f78678b32b8f43c2870028e15a165db331b1a1bbd8763779c.exe

Resource

win7-20221111-en

cybergate vítima persistence stealer trojan upx

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

1edee4036874d31f78678b32b8f43c2870028e15a165db331b1a1bbd8763779c.exe

Resource

win10v2004-20220901-en

cybergate vítima persistence stealer trojan upx

windows10-2004-x64

14 signatures

150 seconds

General

Target

1edee4036874d31f78678b32b8f43c2870028e15a165db331b1a1bbd8763779c
Size

293KB
MD5

ea1b7f0a25211b65746927fa2b692384
SHA1

8d0cba1a2388bc37c04b8197d317709b7a4d4172
SHA256

1edee4036874d31f78678b32b8f43c2870028e15a165db331b1a1bbd8763779c
SHA512

16f0e3cc5e0d9ce66526eee9fa1fc0bfa309f444fc8a2c5d94fc7b1e791626bd03ceff1b1c42db86b9787e387a1ec3a2dd05bde49ed26f989d2806120cd8a054
SSDEEP

6144:jmcD66RRjo5JGmrpQsK3FD2u270jupCJsCxC:acD663V92zkPaCx

Score

10^/10

vítima cybergate

Malware Config

Extracted

Family

cybergate

Version

2.6

Botnet

Vítima

C2

etakstata.no-ip.org:2213

Mutex

***MUTEX***

Attributes

enable_keylogger
true
enable_message_box
true
ftp_directory
./logs/
ftp_interval
30
injected_process
explorer.exe
install_dir
Microsoft
install_file
explorer.exe
install_flag
true
keylogger_enable_ftp
false
message_box_caption
Arquivo não encontrado (dssl.exe)
message_box_title
Erro
password
123
regkey_hkcu
HKCU
regkey_hklm
HKLM

Signatures

Cybergate family
cybergate

Files

1edee4036874d31f78678b32b8f43c2870028e15a165db331b1a1bbd8763779c
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 240KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy