General
Target: 577c8f4a6193d30b899f5e72298d98b5_JaffaCakes118
Size: 87KB
Sample: 241018-pv75dazdjl
MD5: 577c8f4a6193d30b899f5e72298d98b5
SHA1: bf5ade859ea4a1d504faedb8a83578dd25d795d3
SHA256: db9650486b65b9d72011768ea47ed7b73e087e4e23d4d5d51c72155154db0fdd
SHA512: 4e9c67c870ce25d3c5a22b3aed3bd33f89126fa14e409383ec53a219ec0d7c768ca38b94d73cfdabc339cb12077ac34a9a6ec05625e9b24bcf03069f53aa26a6
SSDEEP: 1536:5zu5s+skrxo3uz3fG478KPGAqGYM0CVoQWcpnF24C:aNskewXOAqPM8QWcpnF2l
Static task: static1
Behavioral task: behavioral1
Sample: 577c8f4a6193d30b899f5e72298d98b5_JaffaCakes118.exe
Resource: win7-20240903-en
Malware Config
Extracted
cybergate
2.0.1
vítima
zorra.no-ip.biz:81
prj.3utilities.com:3535
prj.no-ip.info:4545
***MUTEX***
enable_keylogger: true
enable_message_box: false
ftp_interval: 30
install_file: ieplorer.exe
install_flag: false
keylogger_enable_ftp: false
message_box_caption: texto da mensagem
message_box_title: título da mensagem
password: abcd1234
Targets
Target: 577c8f4a6193d30b899f5e72298d98b5_JaffaCakes118
Suspicious use of SetThreadContext