cybergate | 4d999cf3c42f5f76b851481eabee855858eae3baf4ac7ed266db0daf87ffe005 | Triage

Sharing

General

Target

875ffed1c200a3f736c096ed2cee2181_JaffaCakes118
Size

274KB
Sample

240810-x9lhxsvapn
MD5

875ffed1c200a3f736c096ed2cee2181
SHA1

b6209980961fb401e3dd1577d2be364f8433f5a5
SHA256

4d999cf3c42f5f76b851481eabee855858eae3baf4ac7ed266db0daf87ffe005
SHA512

cd8a7646ae5bc462370983d6a140f260c0c47bd09889313524e01cbc8e91a45108230068eae5103d0627b76b3a5770e1a3fa676dd88719d73f7dd5d453dc9260
SSDEEP

6144:jMd36yc2ayXpTb6z5it4u10SnmZsBK7X5Kkm+ZXhe:ja36y3tXHtJ0SnmwK7X5Kh+ZX

Score

10^/10

cybergate remote discovery stealer trojan upx

Malware Config

Extracted

Family

cybergate

Version

v1.07.5

Botnet

remote

C2

ip.zapto.org:999

Mutex

8Y34MKQS188BD2

Attributes

enable_keylogger
true
enable_message_box
false
ftp_directory
./logs/
ftp_interval
30
injected_process
explorer.exe
install_dir
install
install_file
server.exe
install_flag
true
keylogger_enable_ftp
false
message_box_caption
Remote Administration anywhere in the world.
message_box_title
CyberGate
password
123456

Targets

- Target
  
  875ffed1c200a3f736c096ed2cee2181_JaffaCakes118
- Size
  
  274KB
- MD5
  
  875ffed1c200a3f736c096ed2cee2181
- SHA1
  
  b6209980961fb401e3dd1577d2be364f8433f5a5
- SHA256
  
  4d999cf3c42f5f76b851481eabee855858eae3baf4ac7ed266db0daf87ffe005
- SHA512
  
  cd8a7646ae5bc462370983d6a140f260c0c47bd09889313524e01cbc8e91a45108230068eae5103d0627b76b3a5770e1a3fa676dd88719d73f7dd5d453dc9260
- SSDEEP
  
  6144:jMd36yc2ayXpTb6z5it4u10SnmZsBK7X5Kkm+ZXhe:ja36y3tXHtJ0SnmwK7X5Kh+ZX
Score

10^/10

cybergate remote discovery stealer trojan upx
- CyberGate, Rebhip
  CyberGate is a lightweight remote administration tool with a wide array of functionalities.
  trojan stealer cybergate
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

cybergateremotediscoverystealertrojanupx

behavioral2

cybergateremotediscoverystealertrojanupx