General
-
Target
6135bf53904738eced514d260840cb25.exe
-
Size
404KB
-
Sample
240106-l45h3aech9
-
MD5
6135bf53904738eced514d260840cb25
-
SHA1
42038ef409fb670cad2435a540093c36c97d50c0
-
SHA256
48b6fa01f18368de40fc75c5961c9303b49904b62522b232971e42a0a22f65fb
-
SHA512
f7e50657b44320621e795b9d03adf2fbc1c6e59caca1be8beec520104dc87290c11256d8da5d3793fd2998269950d3457bc6b73024e9091b06773b8c808f4cb6
-
SSDEEP
6144:TSncRl5/rhlAhEKwLOpslFlqKhdBCkWYxuukP1pjSKSNVkq/MVJb:m4j/NqhEKIwslvTBd47GLRMTb
Behavioral task
behavioral1
Sample
6135bf53904738eced514d260840cb25.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
6135bf53904738eced514d260840cb25.exe
Resource
win10v2004-20231222-en
Malware Config
Extracted
Family: cybergate
Version: v1.07.5
admin (unlabelled in the extract; presumably the botnet/campaign ID — confirm against the original report)
C2: aktrom.no-ip.org:1234
1C8NG20S0LJA44 (unlabelled in the extract; presumably the mutex name — confirm against the original report)
enable_keylogger: true
enable_message_box: true
ftp_directory: ./logs/
ftp_interval: 30
injected_process: explorer.exe
install_dir: install
install_file: server.exe
install_flag: true
keylogger_enable_ftp: false
message_box_caption: the application wont open.
message_box_title: Error
password: admin
regkey_hkcu: HKCU
regkey_hklm: HKLM
Targets
-
-
Target
6135bf53904738eced514d260840cb25.exe
-
Size
404KB
-
MD5
6135bf53904738eced514d260840cb25
-
SHA1
42038ef409fb670cad2435a540093c36c97d50c0
-
SHA256
48b6fa01f18368de40fc75c5961c9303b49904b62522b232971e42a0a22f65fb
-
SHA512
f7e50657b44320621e795b9d03adf2fbc1c6e59caca1be8beec520104dc87290c11256d8da5d3793fd2998269950d3457bc6b73024e9091b06773b8c808f4cb6
-
SSDEEP
6144:TSncRl5/rhlAhEKwLOpslFlqKhdBCkWYxuukP1pjSKSNVkq/MVJb:m4j/NqhEKIwslvTBd47GLRMTb
-