cybergate | 3ebda0ff978eeeb7406fa80939eaf0c926854d98e5d34db3cdfccb8928919ac4 | Triage

Submit
Reports

Overview

overview

Static

static

3

de3182d260...18.exe

windows7-x64

de3182d260...18.exe

windows10-2004-x64

Sharing

General

Target

de3182d260d05ade166ad8a690e689f3_JaffaCakes118
Size

489KB
Sample

241210-xk2hvatpgw
MD5

de3182d260d05ade166ad8a690e689f3
SHA1

0adad20c48925a34dbe18f056452741572509aec
SHA256

3ebda0ff978eeeb7406fa80939eaf0c926854d98e5d34db3cdfccb8928919ac4
SHA512

58ff3796929d7f511c6fcad4d882ab9002ebe9e9f5c4c2f4bb1d49737400b41080fd6a8e4e99cba8fc5b85b62c884be5f577def5a568c4fc732efc79bb0b008e
SSDEEP

12288:XiEoRH5zRGr0OB/TbLRrqD2ff8CcAIRY78N4EeK5:TmHTda/DRrqS0C78NP95

Score

10^/10

cybergate msn discovery stealer trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

de3182d260d05ade166ad8a690e689f3_JaffaCakes118.exe

Resource

win7-20240903-en

cybergate msn discovery stealer trojan upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

de3182d260d05ade166ad8a690e689f3_JaffaCakes118.exe

Resource

win10v2004-20241007-en

cybergate msn discovery stealer trojan upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

cybergate

Version

2.2

Botnet

msn

C2

metahack.no-ip.biz:288

Mutex

Mop

Attributes

enable_keylogger
true
enable_message_box
true
ftp_directory
./logs/
ftp_interval
30
injected_process
svchost.exe
install_dir
system32
install_file
taskmgr.exe
install_flag
false
keylogger_enable_ftp
false
message_box_caption
I Love You
message_box_title
Love
password
abcd1234
regkey_hkcu
system
regkey_hklm
system

Targets

- Target
  
  de3182d260d05ade166ad8a690e689f3_JaffaCakes118
- Size
  
  489KB
- MD5
  
  de3182d260d05ade166ad8a690e689f3
- SHA1
  
  0adad20c48925a34dbe18f056452741572509aec
- SHA256
  
  3ebda0ff978eeeb7406fa80939eaf0c926854d98e5d34db3cdfccb8928919ac4
- SHA512
  
  58ff3796929d7f511c6fcad4d882ab9002ebe9e9f5c4c2f4bb1d49737400b41080fd6a8e4e99cba8fc5b85b62c884be5f577def5a568c4fc732efc79bb0b008e
- SSDEEP
  
  12288:XiEoRH5zRGr0OB/TbLRrqD2ff8CcAIRY78N4EeK5:TmHTda/DRrqS0C78NP95
Score

10^/10

cybergate msn discovery stealer trojan upx
- CyberGate, Rebhip
  CyberGate is a lightweight remote administration tool with a wide array of functionalities.
  trojan stealer cybergate
- Cybergate family
  cybergate
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

cybergatemsndiscoverystealertrojanupx

behavioral2

cybergatemsndiscoverystealertrojanupx

© 2018-2025

Terms | Privacy