General
-
Target
465a04d8c05debcd7eecc7369ae68155_JaffaCakes118
-
Size
284KB
-
Sample
240714-sh8f6axgqb
-
MD5
465a04d8c05debcd7eecc7369ae68155
-
SHA1
8ba0f8fc585cd7d5c1a05be4520f21783c14906d
-
SHA256
82c356bb2c03aede456dabfbe26a1a1846da5f0d39f38c2b4d7397635f78c603
-
SHA512
4afe87fb6deeb2bba0d5ee8aff45ba38732ea21b6af2ff2417529aa88aeab297efeaa9a6d192ec2a8257be69c88a2579688388a2f5c9cf210482814547d93ced
-
SSDEEP
6144:Gk4qmSJOluzRRTkv+sYrD20ZFvXVfoFUptQZOM6iOMJ+8NaD:59/Q6Ta+sY/vFQOaBY8
Behavioral task
behavioral1
Sample
465a04d8c05debcd7eecc7369ae68155_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
465a04d8c05debcd7eecc7369ae68155_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Extracted
cybergate
2.6
ÖÍíÉ
saheb3.no-ip.biz:288
***MUTEX***
-
enable_keylogger
true
-
enable_message_box
false
-
ftp_directory
./logs/
-
ftp_interval
30
-
injected_process
svchost.exe
-
install_file
windows.exe
-
install_flag
true
-
keylogger_enable_ftp
false
-
message_box_caption
texto da mensagem
-
message_box_title
t?tulo da mensagem
-
password
abcd1234
Targets
-
-
Target
465a04d8c05debcd7eecc7369ae68155_JaffaCakes118
-
Size
284KB
-
MD5
465a04d8c05debcd7eecc7369ae68155
-
SHA1
8ba0f8fc585cd7d5c1a05be4520f21783c14906d
-
SHA256
82c356bb2c03aede456dabfbe26a1a1846da5f0d39f38c2b4d7397635f78c603
-
SHA512
4afe87fb6deeb2bba0d5ee8aff45ba38732ea21b6af2ff2417529aa88aeab297efeaa9a6d192ec2a8257be69c88a2579688388a2f5c9cf210482814547d93ced
-
SSDEEP
6144:Gk4qmSJOluzRRTkv+sYrD20ZFvXVfoFUptQZOM6iOMJ+8NaD:59/Q6Ta+sY/vFQOaBY8
Score7/10 -