General

  • Target

    c8037fb079cbc314bb6067f59d384f2e65af974f14dac798135bcc5c4ab75e1f

  • Size

    263KB

  • MD5

    e31b9512f8feed0c04d58b6d27c51c94

  • SHA1

    ea28194453ea6993f98c835c929ecc93568f89b9

  • SHA256

    c8037fb079cbc314bb6067f59d384f2e65af974f14dac798135bcc5c4ab75e1f

  • SHA512

    f44b0f566120e95e5d8daf6b1dba5b7d939cf5cd79c6b3d86b64fb15523ca648b23ff322bbe476b8040325b746a16667e227f054079cff59a56a2147fb81a58a

  • SSDEEP

    6144:AkjQp5cf3CIE8ODWuH2jden3lrmOdOP0ZPGxU1aIp9esag5nr:745/IE8OCu+d0lo8RG9IEst5

Score
10/10

Malware Config

Extracted

Family

cybergate

Botnet

TRUE

C2

  • The first entry is not a connect-back address. It is a slice of the sample's XOR-masked string table (single-byte key 0xBC; every "¼" in the raw value is a masked NUL separator) that decodes to a list of Win32 API names: adLibraryA (cut off at the start), GetProcAddress, VirtualProtect, VirtualAlloc, VirtualFree, ExitProcess, LsaClose, CryptUnprotectData, CoTaskMemFree, SysFreeString, PStoreCreateInstance, RasEnumEntriesA, SHGetSpecialFolderPathA, ToAscii, followed by a long run of NUL padding and the unmasked tail "1GR-K8M62P3A7L56}".
  • Google Chrome
  • FALSE
  • 16
  • 0
  • CryptoSuite
  • www.CryptoSuite.com / YLN
  • TRUE
  • ./
  • 30

None of the remaining entries is a host:port pair. Together with the string attributes below that carry the literal value TRUE (install_dir, install_file, password, regkey_hkcu, regkey_hklm), this shows the extractor's field offsets did not line up with this build's config layout. Treat the extracted config as unreliable and re-extract from the unpacked out.upx listed under Files.

Mutex

Attributes
  • enable_keylogger

    false

  • enable_message_box

    true

  • install_dir

    TRUE

  • install_file

    TRUE

  • install_flag

    true

  • keylogger_enable_ftp

    false

  • message_box_caption

    TRUE

  • message_box_title

    TRUE

  • password

    TRUE

  • regkey_hkcu

    TRUE

  • regkey_hklm

    TRUE
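The masked C2 field above can be recovered with a few lines of Python. This is an added example, not code from the sandbox report or from any CyberGate tooling. The single-byte XOR key 0xBC is inferred from the data itself (every "¼", byte 0xBC, decodes to the NUL that separates entries, and the entries decode to Win32 API names), and the input string is a constructed copy of the report's field with its run of NUL padding shortened to three bytes.

```python
# Added example (not from the sandbox report or the CyberGate author): decode the
# masked "C2" field. The extractor dumped raw bytes rendered as Latin-1 text;
# the key 0xBC is inferred from the data: every "¼" (0xBC) decodes to the NUL
# that separates entries, and the entries decode to Win32 API names.
XOR_KEY = 0xBC

# Constructed input: the report's field with its long run of "¼" (NUL padding)
# shortened to three characters; the unmasked tail is kept as shown.
RAW_C2_FIELD = (
    "ÝØðÕÞÎÝÎÅý¼¼ûÙÈìÎÓßýØØÎÙÏÏ¼¼êÕÎÈÉÝÐìÎÓÈÙßÈ¼¼êÕÎÈÉÝÐýÐÐÓß¼¼êÕÎÈÉÝÐúÎÙÙ¼¼¼"
    "ùÄÕÈìÎÓßÙÏÏ¼¼¼ðÏÝÿÐÓÏÙ¼¼ÿÎÅÌÈéÒÌÎÓÈÙßÈøÝÈÝ¼¼ÿÓèÝÏ×ñÙÑúÎÙÙ¼¼¼ïÅÏúÎÙÙïÈÎÕÒÛ¼¼¼"
    "ìïÈÓÎÙÿÎÙÝÈÙõÒÏÈÝÒßÙ¼¼îÝÏùÒÉÑùÒÈÎÕÙÏý¼¼¼ïôûÙÈïÌÙßÕÝÐúÓÐØÙÎìÝÈÔý¼¼¼èÓýÏßÕÕ¼¼¼"
    "1GR-K8M62P3A7L56}"
)


def is_printable_ascii(chunk: bytes) -> bool:
    return bool(chunk) and all(0x20 <= b < 0x7F for b in chunk)


def decode_cybergate_strings(field: str, key: int = XOR_KEY) -> list[tuple[str, str]]:
    """Return (kind, text) pairs, one per NUL-separated entry.

    kind is "xor" when the entry decodes to printable ASCII under the key,
    "plain" when the raw bytes were already readable (the entry was never
    masked), and "hex" for anything else, so no part of the blob is dropped.
    """
    raw = field.encode("latin-1")            # one Latin-1 character per original byte
    entries = []
    # A raw byte equal to the key is a masked NUL, i.e. the entry separator.
    for chunk in raw.split(bytes([key])):
        if not chunk:
            continue
        decoded = bytes(b ^ key for b in chunk)
        if is_printable_ascii(decoded):
            entries.append(("xor", decoded.decode("ascii")))
        elif is_printable_ascii(chunk):
            entries.append(("plain", chunk.decode("ascii")))
        else:
            entries.append(("hex", chunk.hex()))
    return entries


def api_names(field: str) -> list[str]:
    """Only the entries that were XOR-masked, in file order."""
    return [text for kind, text in decode_cybergate_strings(field) if kind == "xor"]


if __name__ == "__main__":
    for kind, text in decode_cybergate_strings(RAW_C2_FIELD):
        print(f"{kind:5s} {text}")
```

The trailing "1GR-K8M62P3A7L56}" comes out as plain because it was never masked; a blind XOR of the whole blob would have turned it into garbage, which is why the decoder checks the raw bytes before giving up on an entry. If the real configuration in out.upx is masked the same way, the same routine applies to it.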

Signatures

  • Cybergate family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.
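The "UPX packed file" signature reduces to a few checks on the PE header. The following is an added example, not the sandbox's signature code or anything from the UPX project: a stdlib-only parser for the section table plus the three indicators a reviewer would check, including the structural one that survives a renamed (modified) UPX stub. The build_test_pe helper and the header-only PE images it produces are constructed fixtures for the example, not this sample.

```python
# Added example (not from the sandbox report or the UPX project): a stdlib-only
# check for the indicators behind a "UPX packed file" verdict. build_test_pe
# is a constructed fixture generator, not a real sample.
import struct

SECTION_HDR = struct.Struct("<8sIIIIIIHHI")   # IMAGE_SECTION_HEADER, 40 bytes


def pe_sections(data: bytes) -> list[dict]:
    """Parse the PE section table. Raises ValueError on non-PE input."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    nsections = struct.unpack_from("<H", data, e_lfanew + 6)[0]
    opt_size = struct.unpack_from("<H", data, e_lfanew + 20)[0]
    off = e_lfanew + 24 + opt_size           # section headers follow the optional header
    sections = []
    for i in range(nsections):
        f = SECTION_HDR.unpack_from(data, off + i * SECTION_HDR.size)
        sections.append({
            "name": f[0].rstrip(b"\0").decode("latin-1"),
            "virtual_size": f[1],
            "raw_size": f[3],
        })
    return sections


def upx_indicators(data: bytes) -> dict:
    """Three independent UPX indicators and a combined verdict."""
    secs = pe_sections(data)
    names = [s["name"] for s in secs if s["name"].upper().startswith("UPX")]
    # Stock UPX leaves its packheader magic "UPX!" in the file.
    magic = b"UPX!" in data
    # UPX0 is a virtual-only section (raw size 0) that the stub unpacks into at
    # run time; a modified UPX that renames sections usually keeps this shape.
    empty_first = bool(secs) and secs[0]["raw_size"] == 0 and secs[0]["virtual_size"] > 0
    if names or magic:
        verdict = "upx"
    elif empty_first:
        verdict = "possible modified upx"
    else:
        verdict = "not upx"
    return {"upx_section_names": names, "upx_magic": magic,
            "empty_first_section": empty_first, "verdict": verdict}


def build_test_pe(sections, trailer: bytes = b"") -> bytes:
    """Constructed fixture: a header-only PE32 with (name, vsize, rawsize) sections."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    opt_size = 0xE0                          # PE32 optional header size
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, 0x102)
    opt = struct.pack("<H", 0x10B) + b"\0" * (opt_size - 2)
    hdrs = b"".join(
        SECTION_HDR.pack(name.ljust(8, b"\0"), vsize, 0x1000 * (i + 1), rsize,
                         0, 0, 0, 0, 0, 0x60000020)
        for i, (name, vsize, rsize) in enumerate(sections)
    )
    return dos + coff + opt + hdrs + trailer


if __name__ == "__main__":
    stock = build_test_pe([(b"UPX0", 0x10000, 0), (b"UPX1", 0x8000, 0x7C00),
                           (b".rsrc", 0x1000, 0x400)], trailer=b"UPX!")
    renamed = build_test_pe([(b".code", 0x10000, 0), (b".data", 0x8000, 0x7C00)])
    for label, img in (("stock", stock), ("renamed", renamed)):
        print(label, upx_indicators(img))
```

Name and magic hits are the stock-UPX case, where `upx -d` recovers the original executable. A stub that renames its sections and strips the magic fails both checks and leaves only the structural indicator; that is the "modified UPX" the signature text mentions, and it needs a manual or emulated unpack rather than the upx tool.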

Files

  • c8037fb079cbc314bb6067f59d384f2e65af974f14dac798135bcc5c4ab75e1f
    .exe windows x86 (the submitted sample, UPX-packed)

  • out.upx
    .exe windows x86 (the sandbox's UPX-unpacked output of the sample)