cybergate | 6ba2b7aaf2ef72072c83f575d0e25ea08b1215c06c9d9284f24166c51b81d379

General

Target

6ba2b7aaf2ef72072c83f575d0e25ea08b1215c06c9d9284f24166c51b81d379
Size

296KB
MD5

0c057a3d179c2004d91911449a023860
SHA1

1604b5162b3cddcab2f3c8ac7ba7f0a4e231edac
SHA256

6ba2b7aaf2ef72072c83f575d0e25ea08b1215c06c9d9284f24166c51b81d379
SHA512

acfa7d438c0de7b5e70453c024522c138888bc58d6d75f607a8576c64097564d24c8a19db87aa9eb535c70a64fd24dbd3e9439dd37d9fe6d8af128e097661a80
SSDEEP

6144:IOpslFlq5hdBCkWYxuukP1pjSKSNVkq/MVJbo:Iwsl2TBd47GLRMTbo

Score

10^/10

cyber cybergate

Family

cybergate

Version

v1.07.5

Botnet

Cyber

C2

rspro.no-ip.biz:100

Mutex

KXH8TE1C7K8GJ4

Attributes

enable_keylogger
true
enable_message_box
false
ftp_directory
./logs/
ftp_interval
30
injected_process
explorer.exe
install_dir
WinDir
install_file
Svchost.exe
install_flag
true
keylogger_enable_ftp
false
message_box_caption
The computer needs to be restarted in order for the program to run.
password
123456
regkey_hkcu
HKCU
regkey_hklm
HKLM