Overview

overview

10

Static

static

10

CyberGate ...al.exe

windows7-x64

5

CyberGate ...al.exe

windows10-2004-x64

3

CyberGate ...er.exe

windows7-x64

10

CyberGate ...er.exe

windows10-2004-x64

10

CyberGate ....5.exe

windows7-x64

3

CyberGate ....5.exe

windows10-2004-x64

3

CyberGate ...er.exe

windows7-x64

10

CyberGate ...er.exe

windows10-2004-x64

10

CyberGate ...e3.dll

windows7-x64

5

CyberGate ...e3.dll

windows10-2004-x64

5

Dark Comet...ty.exe

windows7-x64

3

Dark Comet...ty.exe

windows10-2004-x64

3

Dark Comet...et.exe

windows7-x64

10

Dark Comet...et.exe

windows10-2004-x64

10

Dark Comet...er.exe

windows7-x64

3

Dark Comet...er.exe

windows10-2004-x64

3

Dark Comet...er.exe

windows7-x64

10

Dark Comet...er.exe

windows10-2004-x64

10

Dark Comet...e3.dll

windows7-x64

3

Dark Comet...e3.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    17-12-2024 16:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    CyberGate v1.07.5/CyberGate v1.07.5/CyberGate v1.07.5.exe

  • Size

    2.3MB

  • MD5

    fc6ee683f28c4d867b069841b45cde8b

  • SHA1

    7ba5b8f07bd86a85b583f8c92d27bb94792b6373

  • SHA256

    d2119d9dce199cab558514bb1de19a59b207a9d654d0ed1477fa2d98f20e3dc3

  • SHA512

    a74f81bb2fa4806abb61e7c8b66fe60b2827120a5558ced95076d3af37e517a4395f28750875fb7cca197258502d8eee3221ee6c4a9fd76e5ec95c4ec5563f56

  • SSDEEP

    49152:jBcY9bLMtRGHMTy+hjt2cTl4XRsme9qwwoHXi3Ic+8R1Hg3wx:iftRmsy+l4cIe9qn2XsIcHrx

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of FindShellTrayWindow 7 IoCs
  • Suspicious use of SendNotifyMessage 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\CyberGate v1.07.5\CyberGate v1.07.5\CyberGate v1.07.5.exe
    "C:\Users\Admin\AppData\Local\Temp\CyberGate v1.07.5\CyberGate v1.07.5\CyberGate v1.07.5.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:2796

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\CyberGate v1.07.5\CyberGate v1.07.5\Language\Default.ini
    Filesize

    16KB

    MD5

    c31f9719e10071c3591a5ab99f8bb6c3

    SHA1

    123b4045ed0a4094cc5ea7f5456ee48fa567e7cd

    SHA256

    c2349fec416c3d0fcd12050b647d000a9049619002219ff45d2d1855a7739afd

    SHA512

    103839c5dcb2e25d4e6f7ce24f5a800988de58fb156b946c6bb794b510a2a102dda67cba826ffadca7ee52af13daf8e0e94ecfec1fd2f2d04c6557653234784c

    Download Submit

  • memory/2796-1011-0x0000000000400000-0x0000000000BDE000-memory.dmp

    Filesize

    7.9MB

    Download

  • memory/2796-1020-0x0000000000400000-0x0000000000BDE000-memory.dmp

    Filesize

    7.9MB

    Download

  • memory/2796-1010-0x0000000000400000-0x0000000000BDE000-memory.dmp

    Filesize

    7.9MB

    Download

  • memory/2796-1-0x0000000000400000-0x0000000000BDE000-memory.dmp

    Filesize

    7.9MB

    Download

  • memory/2796-1006-0x0000000000400000-0x0000000000BDE000-memory.dmp

    Filesize

    7.9MB

    Download

  • memory/2796-1007-0x0000000000400000-0x0000000000BDE000-memory.dmp

    Filesize

    7.9MB

    Download

  • memory/2796-1008-0x0000000000400000-0x0000000000BDE000-memory.dmp

    Filesize

    7.9MB

    Download

  • memory/2796-1009-0x0000000000400000-0x0000000000BDE000-memory.dmp

    Filesize

    7.9MB

    Download

  • memory/2796-3-0x0000000000400000-0x0000000000BDE000-memory.dmp

    Filesize

    7.9MB

    Download

  • memory/2796-0-0x0000000000400000-0x0000000000BDE000-memory.dmp

    Filesize

    7.9MB

    Download

  • memory/2796-1013-0x0000000000400000-0x0000000000BDE000-memory.dmp

    Filesize

    7.9MB

    Download

  • memory/2796-1012-0x0000000000400000-0x0000000000BDE000-memory.dmp

    Filesize

    7.9MB

    Download

  • memory/2796-1014-0x0000000000400000-0x0000000000BDE000-memory.dmp

    Filesize

    7.9MB

    Download

  • memory/2796-1015-0x0000000000400000-0x0000000000BDE000-memory.dmp

    Filesize

    7.9MB

    Download

  • memory/2796-1016-0x0000000000400000-0x0000000000BDE000-memory.dmp

    Filesize

    7.9MB

    Download

  • memory/2796-1017-0x0000000000400000-0x0000000000BDE000-memory.dmp

    Filesize

    7.9MB

    Download

  • memory/2796-1018-0x0000000000400000-0x0000000000BDE000-memory.dmp

    Filesize

    7.9MB

    Download

  • memory/2796-1019-0x0000000000400000-0x0000000000BDE000-memory.dmp

    Filesize

    7.9MB

    Download

  • memory/2796-2-0x0000000000996000-0x0000000000BDD000-memory.dmp

    Filesize

    2.3MB

    Download