General
-
Target
3190b2a2c77c0fca246f7fca0b9c99b2_JaffaCakes118
-
Size
283KB
-
MD5
3190b2a2c77c0fca246f7fca0b9c99b2
-
SHA1
63d0632ee72682c96ae3a4923ef05e71c9d955a0
-
SHA256
c990702db59201d82aadd9e63975b97f86bbebc6d991545714f6c2678d767196
-
SHA512
b574f751fca881de728dc571604d32346d278b1a1c009a36574889a528c431d3e83aefbd9e9f8181b53f39cb641254f70582641a1c3285fda1a99c0dccfe8550
-
SSDEEP
6144:zmcD66RRjj5JGmrpQsK3FD2u270jupCJsCxCe:KcD663y92zkPaCx1
Malware Config
Extracted
Family
cybergate
Version
2.6
Botnet
pp
C2
remik3.no-ip.org:81
Mutex
***MUTEX***
Attributes
-
enable_keylogger
true
-
enable_message_box
false
-
ftp_directory
./logs/
-
ftp_interval
30
-
injected_process
explorer.exe
-
install_dir
install
-
install_file
server.exe
-
install_flag
true
-
keylogger_enable_ftp
false
-
password
1234
Signatures
-
Cybergate family
Files
-
3190b2a2c77c0fca246f7fca0b9c99b2_JaffaCakes118