General
-
Target
61f1737b6ccc78ddf22d494774937a7b_JaffaCakes118
-
Size
856KB
-
MD5
61f1737b6ccc78ddf22d494774937a7b
-
SHA1
6037b2f796b08d2dc3a0fb1dd8ddf846b8a3165f
-
SHA256
21d84a4431f5459a7c10b47077b69e5e708171afed2475d844deeea3c360c1ad
-
SHA512
54e2c744702d3ff40f0dd31f2e5773891bcb21a4546eea65e6739bb7a3c85006807221494d420080c84f6a845a4d3abf4e3a71354ac6139a6bc17d17890bc5b0
-
SSDEEP
12288:7cD663keKgQnEb+D5LfV13yBDGJrZ25ITK8aXeT831VQ:7ZrgQ/tfVVJrZhTuxF
Malware Config
Extracted
Family
cybergate
Version
2.7 Beta 02
Botnet
victim
C2
12221.zapto.org:81
dwdwdw.no-ip.biz:81
unknownone.no-ip.org:81
dwpiratesonline.no-ip.info:81
s1s1s1.zapto.org:81
Mutex
***MUTEX***
Attributes
-
enable_keylogger
true
-
enable_message_box
false
-
ftp_directory
./logs/
-
ftp_interval
30
-
injected_process
explorer.exe
-
install_dir
install
-
install_file
game.exe
-
install_flag
true
-
keylogger_enable_ftp
false
-
message_box_caption
texto da mensagem
-
message_box_title
tÃtulo da mensagem
-
password
abcd1234
Signatures
-
Cybergate family
Files
-
61f1737b6ccc78ddf22d494774937a7b_JaffaCakes118