General

  • Target

    d6e16504b793c7a63897e0d398a4f8ea_JaffaCakes118

  • Size

    2.7MB

  • Sample

    240909-w7pbcsshqp

  • MD5

    d6e16504b793c7a63897e0d398a4f8ea

  • SHA1

    d64355b46894ab022bb558fc5495414b55c8ffd0

  • SHA256

    cb7ca3bdfc9ab600d548564d80aed0f3731e4a5e1f6cf1f554d923872c11a77d

  • SHA512

    545c5f74178ebaa9131c59ad00a118be4a0962a7b70eb86033ea8ce2e847a5ef7de57771d162f0d43c82597641e46f5552df82b7bf0981c17a8ff79ea7a23c17

  • SSDEEP

    49152:IrSo4KONtojoco2xHoGvYYYYYYYYYYYRYYYYYYYYYYrkIEA7/eFG:IrIYjk22GvYYYYYYYYYYYRYYYYYYYYYT

Malware Config

Extracted

  • Family

    cybergate

  • Version

    v3.4.2.2

  • Botnet

    remote

  • C2

    asade.no-ip.org:25565

  • Mutex

    A6F405Y273QX48

Attributes

  • enable_keylogger

    true

  • enable_message_box

    false

  • ftp_directory

    ./logs

  • ftp_interval

    30

  • injected_process

    explorer.exe

  • install_dir

    zczx

  • install_file

    assf

  • install_flag

    false

  • keylogger_enable_ftp

    false

  • message_box_caption

    Remote Administration anywhere in the world.

  • message_box_title

    CyberGate

  • password

    cybergate

  • regkey_hkcu

    svchost

  • regkey_hklm

    skype

Targets

    • Target

      d6e16504b793c7a63897e0d398a4f8ea_JaffaCakes118

    • Size

      2.7MB

    • MD5

      d6e16504b793c7a63897e0d398a4f8ea

    • SHA1

      d64355b46894ab022bb558fc5495414b55c8ffd0

    • SHA256

      cb7ca3bdfc9ab600d548564d80aed0f3731e4a5e1f6cf1f554d923872c11a77d

    • SHA512

      545c5f74178ebaa9131c59ad00a118be4a0962a7b70eb86033ea8ce2e847a5ef7de57771d162f0d43c82597641e46f5552df82b7bf0981c17a8ff79ea7a23c17

    • SSDEEP

      49152:IrSo4KONtojoco2xHoGvYYYYYYYYYYYRYYYYYYYYYYrkIEA7/eFG:IrIYjk22GvYYYYYYYYYYYRYYYYYYYYYT

    • CyberGate, Rebhip

      CyberGate is a lightweight remote administration tool with a wide array of functionalities.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks