Extracted

• • Target

    a90acefd8543390964db877001816c7910f74d97733a38f2396c959685256fa2.exe

  • Size

    281KB

  • MD5

    16dea0b58c08807dbce8281f55d4e7d0

  • SHA1

    ad31591dd6be479fdcc116c4f970e4b1bd2a46a6

  • SHA256

    a90acefd8543390964db877001816c7910f74d97733a38f2396c959685256fa2

  • SHA512

    0b276f69077b5801fd5de5b6ed14946c50e6839ed1ad38a9fa7804e8ff0bd5d622dda4021445147a474982b35bd85db46f0fedeadd3484f51196768746844931

  • SSDEEP

    6144:AScrLX4mp8D6WGc/YSlIipBReubLzeh7Yy0DMIdeXijG:RcAy78QSVnNyhsFMCeSjG

  Score

  10^/10

  cybergatekavabungadiscoverypersistencestealertrojanupx

  • CyberGate, Rebhip

    CyberGate is a lightweight remote administration tool with a wide array of functionalities.

    trojanstealercybergate

  • Cybergate family

    cybergate

  • Adds policy Run key to start application

    persistence

  • Boot or Logon Autostart Execution: Active Setup

    Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    persistence

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2