General
-
Target
876-72-0x0000000000400000-0x0000000000455000-memory.dmp
-
Size
340KB
-
Sample
240306-nvw7faaa3v
-
MD5
786fc0201208f7e2778ca7ae58464e8d
-
SHA1
c4b7006d51986657981fc6ca700fc6bb4136d648
-
SHA256
ce722927a8c23050d9448815207a988acb7ebefe0a4f7ffc8786f38ce56fed98
-
SHA512
e3fe3e0d1facf0ab4bd3609ef83004d81695f3d39715952061560825fb1fca5be7fd4882cb82af70247a5b666f86aee513bdb0df93472c7d0a8baf1718289efc
-
SSDEEP
6144:U+mcD66R15JGmrpQsK3RD2u270jupCJsCxCwI5qoD:ocD66aZ2zkPaCxu
Behavioral task
behavioral1
Sample
876-72-0x0000000000400000-0x0000000000455000-memory.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
876-72-0x0000000000400000-0x0000000000455000-memory.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
cybergate
2.6
Server
abgx.duckdns.org:1212
abgx.duckdns.org:80
abgx.duckdns.org:1445
***MUTEX***
-
enable_keylogger
true
-
enable_message_box
false
-
ftp_directory
./logs/
-
ftp_interval
30
-
injected_process
explorer.exe
-
install_dir
svchst
-
install_file
VIPHACK4.exe
-
install_flag
true
-
keylogger_enable_ftp
false
-
message_box_caption
texto da mensagem
-
message_box_title
tÃtulo da mensagem
-
password
123
Targets
-
-
Target
876-72-0x0000000000400000-0x0000000000455000-memory.dmp
-
Size
340KB
-
MD5
786fc0201208f7e2778ca7ae58464e8d
-
SHA1
c4b7006d51986657981fc6ca700fc6bb4136d648
-
SHA256
ce722927a8c23050d9448815207a988acb7ebefe0a4f7ffc8786f38ce56fed98
-
SHA512
e3fe3e0d1facf0ab4bd3609ef83004d81695f3d39715952061560825fb1fca5be7fd4882cb82af70247a5b666f86aee513bdb0df93472c7d0a8baf1718289efc
-
SSDEEP
6144:U+mcD66R15JGmrpQsK3RD2u270jupCJsCxCwI5qoD:ocD66aZ2zkPaCxu
Score1/10 -