cybergate | b580f7f30677e1ff3956b3ce5aa5297397bb100ddf2cdbaa216f1ae52d3da95c | Triage

Submit
Reports

Overview

overview

Static

static

b580f7f306...5c.exe

windows7-x64

b580f7f306...5c.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

vítima cybergate

1 signatures

Behavioral task

behavioral1

Sample

b580f7f30677e1ff3956b3ce5aa5297397bb100ddf2cdbaa216f1ae52d3da95c.exe

Resource

win7-20221111-en

cybergate vítima persistence stealer trojan upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

b580f7f30677e1ff3956b3ce5aa5297397bb100ddf2cdbaa216f1ae52d3da95c.exe

Resource

win10v2004-20220901-en

cybergate vítima persistence stealer trojan upx

windows10-2004-x64

9 signatures

150 seconds

General

Target

b580f7f30677e1ff3956b3ce5aa5297397bb100ddf2cdbaa216f1ae52d3da95c
Size

581KB
MD5

8efa4349400bfea7b42c1ba9a64f9610
SHA1

9577d7fa282485bba41cec007bb0c04e2788ae7a
SHA256

b580f7f30677e1ff3956b3ce5aa5297397bb100ddf2cdbaa216f1ae52d3da95c
SHA512

940bf8d5bc97ae101887724e9a320543eea1e5826e31c3c2e50294f9f038e976bf06862e4df804f0435c344060d153557766152e2a20a3e765eedec5cc65441c
SSDEEP

12288:YyYeC7BlwsiXvc5Pryg/s+g9aW3gyc4BkePcYNgWnLX35U1faN3CQ3b:YjeMBeNXvAPryYPg9n0R0tgc35UdcPL

Score

10^/10

vítima cybergate

Malware Config

Extracted

Family

cybergate

Version

2.8 Private Edition

Botnet

vítima

C2

127.0.0.1:81

Mutex

***MUTEX***

Attributes

enable_keylogger
true
enable_message_box
false
ftp_directory
./logs/
ftp_interval
30
injected_process
explorer.exe
install_dir
install
install_file
server.exe
install_flag
true
keylogger_enable_ftp
false
message_box_caption
texto da mensagem
message_box_title
título da mensagem
password
abcd1234

Signatures

Cybergate family
cybergate

Files

b580f7f30677e1ff3956b3ce5aa5297397bb100ddf2cdbaa216f1ae52d3da95c
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.packed
Size: 306KB - Virtual size: 312KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RLPack
Size: 269KB - Virtual size: 269KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ap0x
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy