cybergate | 1ed58c758fcbb044a64f678713f47a166df57fb30140843cfca34ec89594aa4d | Triage

Submit
Reports

Overview

overview

Static

static

3

bab92e93a2...9f.exe

windows7-x64

bab92e93a2...9f.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

bab92e93a26589b5b4ea6564238c359f
Size

694KB
Sample

240308-g1cxesaa8y
MD5

bab92e93a26589b5b4ea6564238c359f
SHA1

4b5ef32af0aad70e321d8c46394644ca3c2750d8
SHA256

1ed58c758fcbb044a64f678713f47a166df57fb30140843cfca34ec89594aa4d
SHA512

fb9a50f4431412bbed49bf6ad0922495316c44f9576a5df5129220c2b21cfda590c44071f1328f03e7a5f27c26959ad5118484dcd61dffd661cf8ad39f031a6c
SSDEEP

12288:XF3BcV85FqHdFLmShZyifDJphJzG7LOW3qB+f8MPtpI+eTNYg4J8XOTRaVdXHHQq:DcV8vmuSh4ifDJphJzh8zf8MPt1eJLkb

Score

10^/10

cybergate öííé stealer trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

bab92e93a26589b5b4ea6564238c359f.exe

Resource

win7-20240221-en

cybergate öííé stealer trojan upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

bab92e93a26589b5b4ea6564238c359f.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

cybergate

Version

2.6

Botnet

ÖÍíÉ

C2

127.0.0.1:288

Mutex

***MUTEX***

Attributes

enable_keylogger
false
enable_message_box
false
ftp_directory
./logs/
ftp_interval
30
injected_process
svchost.exe
install_file
windows.exe
install_flag
false
keylogger_enable_ftp
false
message_box_caption
texto da mensagem
message_box_title
t?tulo da mensagem
password
abcd1234

Targets

- Target
  
  bab92e93a26589b5b4ea6564238c359f
- Size
  
  694KB
- MD5
  
  bab92e93a26589b5b4ea6564238c359f
- SHA1
  
  4b5ef32af0aad70e321d8c46394644ca3c2750d8
- SHA256
  
  1ed58c758fcbb044a64f678713f47a166df57fb30140843cfca34ec89594aa4d
- SHA512
  
  fb9a50f4431412bbed49bf6ad0922495316c44f9576a5df5129220c2b21cfda590c44071f1328f03e7a5f27c26959ad5118484dcd61dffd661cf8ad39f031a6c
- SSDEEP
  
  12288:XF3BcV85FqHdFLmShZyifDJphJzG7LOW3qB+f8MPtpI+eTNYg4J8XOTRaVdXHHQq:DcV8vmuSh4ifDJphJzh8zf8MPt1eJLkb
Score

10^/10

cybergate öííé stealer trojan upx
- CyberGate, Rebhip
  CyberGate is a lightweight remote administration tool with a wide array of functionalities.
  trojan stealer cybergate
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cybergateöííéstealertrojanupx

behavioral2

© 2018-2025

Terms | Privacy