cybergate | a35836265b1f2bf3d6838d32e187da67_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a35836265b1f2bf3d6838d32e187da67_JaffaCakes118
Size

2.0MB
MD5

a35836265b1f2bf3d6838d32e187da67
SHA1

a89b4674ba61e670a01d260bc35b6dec6f55e28d
SHA256

5ec2309251c35c00917dc0260ab9baae75fa44ffefc6119124db8aa12853d156
SHA512

5fada4b0e0b9286b81ae9098af366651a9b5afeea4f636113fb0a2064105fc5989f6d85157f2d3d72e7b1ad5d0e2b45913a54cac1d4b529a23eda9c9973be365
SSDEEP

6144:PBs6BsG/hwirIrM+NW6o2SWnIq+ikCdGodAXbA:HBsGNr4/xS2hdEbA

Score

10^/10

cybergate

Malware Config

Signatures

Cybergate family
cybergate

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a35836265b1f2bf3d6838d32e187da67_JaffaCakes118

Files

a35836265b1f2bf3d6838d32e187da67_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\t0fx\dev\VBnet\MyCrypter\winini\obj\Debug\winini.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 114B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ