Behavioral task: behavioral1
Sample: dd1cc3d9f2ade7c96a3528a4d359ae52_JaffaCakes118.exe
Resource: win7-20240708-en
General
Target: dd1cc3d9f2ade7c96a3528a4d359ae52_JaffaCakes118
Size: 334KB
MD5: dd1cc3d9f2ade7c96a3528a4d359ae52
SHA1: 66e37171c465164b88f6564b759785cbbe099992
SHA256: 0eda8152dc49bd6c5e7d0ea4a7b3038e164ef0f853623ff5af5f0fd395efc449
SHA512: 8fbc32ad6f03301d43a72700962c7f4b90b649d65f6527f2805c54ba04de54af9fc64d8d59da843dcfc6ffddd4fda40f35edefea5476378f0d2f888d4dd592c7
SSDEEP: 6144:qjru9by1OpslFlqehdBCkWYxuukP1pjSKSNVkq/MVJbJ:3Wwsl7TBd47GLRMTbJ
Malware Config
Signatures
Cybergate family
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource dd1cc3d9f2ade7c96a3528a4d359ae52_JaffaCakes118
Files
dd1cc3d9f2ade7c96a3528a4d359ae52_JaffaCakes118.exe windows:4 windows x86 arch:x86
9c8decf3582072f6edfc385a689f44f4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
CreateDirectoryA
CreateFileA
DeleteFileA
ExitProcess
FreeLibrary
GetCommandLineA
GetFileTime
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
GetTempPathA
GetWindowsDirectoryA
LoadLibraryA
lstrcatA
lstrcmpiA
RemoveDirectoryA
SetFileTime
VirtualAlloc
VirtualFree
WriteFile
Sections
.text Size: 19KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 9KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
Size: 5KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE