General
-
Target
bbbf3178430729f82b5f337705758945_JaffaCakes118
-
Size
170KB
-
Sample
241203-e9vsgszqgy
-
MD5
bbbf3178430729f82b5f337705758945
-
SHA1
70da15d712110a8d50dcfc2d9aa717cf3c6b4a57
-
SHA256
c6409d133f50c7ff667ebbf4e4186251227c51755d3f918353e57e1f52df6375
-
SHA512
4a19ebde8a47a43bf384974ec791a2280f9b0e9d86e18324c606ffa6aead67113d09b5836e6051323b75f5cf4c41ca4b9220e76fca838e142f9f6f17ea9365f7
-
SSDEEP
3072:7iGl1it/5AJnVnn3t4yRlXANuGyO/5nQ/3v5TdhqXpPQe0rYpz7zt:t4ABF94SpAuO/50BTnqPd0Mpz75
Behavioral task
behavioral1
Sample
bbbf3178430729f82b5f337705758945_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
bbbf3178430729f82b5f337705758945_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
cybergate
v1.04.8
Cyber
cybergateexample.no-ip.biz:100
52BE52107177O4
-
enable_keylogger
true
-
enable_message_box
true
-
ftp_directory
./logs/
-
ftp_interval
30
-
injected_process
explorer.exe
-
install_dir
WindowsUpdate
-
install_file
WindowsUpdate.DLL
-
install_flag
true
-
keylogger_enable_ftp
false
-
message_box_caption
Please Update your .NET Framework
-
message_box_title
Fatal Error
-
password
cybergate
-
regkey_hkcu
HKCU
-
regkey_hklm
HKLM
Targets
-
-
Target
bbbf3178430729f82b5f337705758945_JaffaCakes118
-
Size
170KB
-
MD5
bbbf3178430729f82b5f337705758945
-
SHA1
70da15d712110a8d50dcfc2d9aa717cf3c6b4a57
-
SHA256
c6409d133f50c7ff667ebbf4e4186251227c51755d3f918353e57e1f52df6375
-
SHA512
4a19ebde8a47a43bf384974ec791a2280f9b0e9d86e18324c606ffa6aead67113d09b5836e6051323b75f5cf4c41ca4b9220e76fca838e142f9f6f17ea9365f7
-
SSDEEP
3072:7iGl1it/5AJnVnn3t4yRlXANuGyO/5nQ/3v5TdhqXpPQe0rYpz7zt:t4ABF94SpAuO/50BTnqPd0Mpz75
Score
1/10
-