General

  • Target

    465a04d8c05debcd7eecc7369ae68155_JaffaCakes118

  • Size

    284KB

  • Sample

    240714-sh8f6axgqb

  • MD5

    465a04d8c05debcd7eecc7369ae68155

  • SHA1

    8ba0f8fc585cd7d5c1a05be4520f21783c14906d

  • SHA256

    82c356bb2c03aede456dabfbe26a1a1846da5f0d39f38c2b4d7397635f78c603

  • SHA512

    4afe87fb6deeb2bba0d5ee8aff45ba38732ea21b6af2ff2417529aa88aeab297efeaa9a6d192ec2a8257be69c88a2579688388a2f5c9cf210482814547d93ced

  • SSDEEP

    6144:Gk4qmSJOluzRRTkv+sYrD20ZFvXVfoFUptQZOM6iOMJ+8NaD:59/Q6Ta+sY/vFQOaBY8

Score
10/10

Malware Config

Extracted

  • Family

    cybergate

  • Version

    2.6

  • Botnet

    ÖÍíÉ

  • C2

    saheb3.no-ip.biz:288

  • Mutex

    ***MUTEX***

Attributes
  • enable_keylogger

    true

  • enable_message_box

    false

  • ftp_directory

    ./logs/

  • ftp_interval

    30

  • injected_process

    svchost.exe

  • install_file

    windows.exe

  • install_flag

    true

  • keylogger_enable_ftp

    false

  • message_box_caption

    texto da mensagem

  • message_box_title

    título da mensagem

  • password

    abcd1234

Targets

    • Target

      465a04d8c05debcd7eecc7369ae68155_JaffaCakes118

    • Size

      284KB

    • MD5

      465a04d8c05debcd7eecc7369ae68155

    • SHA1

      8ba0f8fc585cd7d5c1a05be4520f21783c14906d

    • SHA256

      82c356bb2c03aede456dabfbe26a1a1846da5f0d39f38c2b4d7397635f78c603

    • SHA512

      4afe87fb6deeb2bba0d5ee8aff45ba38732ea21b6af2ff2417529aa88aeab297efeaa9a6d192ec2a8257be69c88a2579688388a2f5c9cf210482814547d93ced

    • SSDEEP

      6144:Gk4qmSJOluzRRTkv+sYrD20ZFvXVfoFUptQZOM6iOMJ+8NaD:59/Q6Ta+sY/vFQOaBY8

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks