General
-
Target
17480ac3087121cfa3b544449c83c4f536af0d1755ce0c8e2e4383ae95baa96b
-
Size
428KB
-
Sample
221125-ytgepseg7v
-
MD5
6eda64fd0454f3fb3079c98ca14693da
-
SHA1
90af167ce1453d5e070784afa091d232ed2a8695
-
SHA256
17480ac3087121cfa3b544449c83c4f536af0d1755ce0c8e2e4383ae95baa96b
-
SHA512
a7e19777ef7489367d9bf49e352111b2a2bf0bef443867a9367a06062e3f19cbb112de4ee35504387c0bc9e61badb15f56468b3deb82186e9ca3dda245df0326
-
SSDEEP
12288:huMwvBi8vvrHxVPKyv2m77sZB07FxObO328:hHw88vrx52t07FQav
Behavioral task
behavioral1
Sample
17480ac3087121cfa3b544449c83c4f536af0d1755ce0c8e2e4383ae95baa96b.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
17480ac3087121cfa3b544449c83c4f536af0d1755ce0c8e2e4383ae95baa96b.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
cybergate
v3.4.2.2
xXx
sidactionorg.no-ip.org:1040
385LQL57KF71TY
-
enable_keylogger
true
-
enable_message_box
false
-
ftp_directory
./logs
-
ftp_interval
5
-
ftp_password
aEiJv^fPL`M^hT>3[M
-
ftp_port
21
-
ftp_server
sidactionorg.esy.es
-
ftp_username
u838635477.callofduty3300
-
injected_process
svchost.exe
-
install_dir
install
-
install_file
server.exe
-
install_flag
false
-
keylogger_enable_ftp
true
-
message_box_caption
Welcome Thank You For Download
-
message_box_title
INFO NWES
-
password
123
Targets
-
-
Target
17480ac3087121cfa3b544449c83c4f536af0d1755ce0c8e2e4383ae95baa96b
-
Size
428KB
-
MD5
6eda64fd0454f3fb3079c98ca14693da
-
SHA1
90af167ce1453d5e070784afa091d232ed2a8695
-
SHA256
17480ac3087121cfa3b544449c83c4f536af0d1755ce0c8e2e4383ae95baa96b
-
SHA512
a7e19777ef7489367d9bf49e352111b2a2bf0bef443867a9367a06062e3f19cbb112de4ee35504387c0bc9e61badb15f56468b3deb82186e9ca3dda245df0326
-
SSDEEP
12288:huMwvBi8vvrHxVPKyv2m77sZB07FxObO328:hHw88vrx52t07FQav
Score8/10 -