General

  • Target

    3190b2a2c77c0fca246f7fca0b9c99b2_JaffaCakes118

  • Size

    283KB

  • MD5

    3190b2a2c77c0fca246f7fca0b9c99b2

  • SHA1

    63d0632ee72682c96ae3a4923ef05e71c9d955a0

  • SHA256

    c990702db59201d82aadd9e63975b97f86bbebc6d991545714f6c2678d767196

  • SHA512

    b574f751fca881de728dc571604d32346d278b1a1c009a36574889a528c431d3e83aefbd9e9f8181b53f39cb641254f70582641a1c3285fda1a99c0dccfe8550

  • SSDEEP

    6144:zmcD66RRjj5JGmrpQsK3FD2u270jupCJsCxCe:KcD663y92zkPaCx1

Score
10/10

Malware Config

Extracted

  • Family

    cybergate

  • Version

    2.6

  • Botnet

    pp

  • C2

    remik3.no-ip.org:81

  • Mutex

    ***MUTEX***

Attributes
  • enable_keylogger

    true

  • enable_message_box

    false

  • ftp_directory

    ./logs/

  • ftp_interval

    30

  • injected_process

    explorer.exe

  • install_dir

    install

  • install_file

    server.exe

  • install_flag

    true

  • keylogger_enable_ftp

    false

  • password

    1234

Signatures

Files

  • 3190b2a2c77c0fca246f7fca0b9c99b2_JaffaCakes118