General
-
Target
2362bccf048a0850f1d65b484d8577c8_JaffaCakes118
-
Size
305KB
-
Sample
240703-xetwtavang
-
MD5
2362bccf048a0850f1d65b484d8577c8
-
SHA1
c4c10047b750a55dd1d87a175de2dfb77ac19715
-
SHA256
626d473ec5ad5e5a288bbcda158f6b667d4f9dceecf4dfed9880fb24878a92d4
-
SHA512
868ee442a471972146514fb91389a1ab0e54819a5535538a3fbd2969793d2c558076714c4af3dea6957c201c82db283860fc9729e3a55d7a6c40015b75c3a120
-
SSDEEP
6144:XOpslFlqVhdBCkWYxuukP1pjSKSNVkq/MVJb:XwslOTBd47GLRMTb
Behavioral task
behavioral1
Sample
2362bccf048a0850f1d65b484d8577c8_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2362bccf048a0850f1d65b484d8577c8_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Extracted
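Family: cybergate
Version: v1.07.5
Campaign / botnet ID (field label lost in extraction; presumed): victimas
C2 (host:port): bombilla.zapto.org:4662
C2 (host:port): denis77.zapto.org:4662
Mutex (field label lost in extraction; presumed): 5K23C8M2203M4U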
-
enable_keylogger
true
-
enable_message_box
false
-
ftp_directory
./logs/
-
ftp_interval
30
-
injected_process
explorer.exe
-
install_dir
Windows
-
install_file
Windows.exe
-
install_flag
true
-
keylogger_enable_ftp
false
-
message_box_caption
Remote Administration anywhere in the world.
-
message_box_title
CyberGate
-
password
1234
-
regkey_hkcu
services
-
regkey_hklm
services
Targets
-
-
Target
2362bccf048a0850f1d65b484d8577c8_JaffaCakes118
-
Size
305KB
-
MD5
2362bccf048a0850f1d65b484d8577c8
-
SHA1
c4c10047b750a55dd1d87a175de2dfb77ac19715
-
SHA256
626d473ec5ad5e5a288bbcda158f6b667d4f9dceecf4dfed9880fb24878a92d4
-
SHA512
868ee442a471972146514fb91389a1ab0e54819a5535538a3fbd2969793d2c558076714c4af3dea6957c201c82db283860fc9729e3a55d7a6c40015b75c3a120
-
SSDEEP
6144:XOpslFlqVhdBCkWYxuukP1pjSKSNVkq/MVJb:XwslOTBd47GLRMTb
Score: 1/10