cybergate | e4d1e8c9d7f6ef0b331cb34273e517386c8a9006d4ce547f751f4a36de20d532 | Triage

Sharing

General

Target

cf388a414b9919b6156d9bc30d85053f_JaffaCakes118
Size

705KB
Sample

241206-1tg3cazkcy
MD5

cf388a414b9919b6156d9bc30d85053f
SHA1

ab484855f545cf8b8dc54dfaa4504c3904a02a48
SHA256

e4d1e8c9d7f6ef0b331cb34273e517386c8a9006d4ce547f751f4a36de20d532
SHA512

b51c91786ea0bcf9bf578e96d4d0704f22e8b8ef5cd1f741d6c1c46a61cd79a5c88feb9170f8193d4beebf822cb57b941aa2ade95d75c19737ca1219190daf49
SSDEEP

12288:KC4ol1xcGCZplbm2DBBosRAyt1n7TAQgt58Hror1p76qc4U8kfQlrBHB7UG4EwIp:N4o1xC/DRAyt1n7ToH8Hsyqc4U5fgrF/

Score

10^/10

cybergate vítima discovery stealer trojan upx

Malware Config

Extracted

Family

cybergate

Version

2.0.1

Botnet

vítima

C2

zorra.no-ip.biz:81

prj.3utilities.com:3535

prj.no-ip.info:4545

Mutex

***MUTEX***

Attributes

enable_keylogger
true
enable_message_box
false
ftp_interval
30
install_file
ieplorer.exe
install_flag
false
keylogger_enable_ftp
false
message_box_caption
texto da mensagem
message_box_title
título da mensagem
password
abcd1234

Targets

- Target
  
  cf388a414b9919b6156d9bc30d85053f_JaffaCakes118
- Size
  
  705KB
- MD5
  
  cf388a414b9919b6156d9bc30d85053f
- SHA1
  
  ab484855f545cf8b8dc54dfaa4504c3904a02a48
- SHA256
  
  e4d1e8c9d7f6ef0b331cb34273e517386c8a9006d4ce547f751f4a36de20d532
- SHA512
  
  b51c91786ea0bcf9bf578e96d4d0704f22e8b8ef5cd1f741d6c1c46a61cd79a5c88feb9170f8193d4beebf822cb57b941aa2ade95d75c19737ca1219190daf49
- SSDEEP
  
  12288:KC4ol1xcGCZplbm2DBBosRAyt1n7TAQgt58Hror1p76qc4U8kfQlrBHB7UG4EwIp:N4o1xC/DRAyt1n7ToH8Hsyqc4U5fgrF/
Score

10^/10

cybergate vítima discovery stealer trojan upx
- CyberGate, Rebhip
  CyberGate is a lightweight remote administration tool with a wide array of functionalities.
  trojan stealer cybergate
- Cybergate family
  cybergate
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

cybergatevítimadiscoverystealertrojanupx

behavioral2