cybergate | c0315641a0cd272b6e01b850e116b54acf8ae5ffd61c26225fec739246d3b61c | Triage

Sharing

General

Target

JaffaCakes118_18c6f860c8d17acafa441a2546c54c2a
Size

444KB
Sample

250123-tb9lbavkhw
MD5

18c6f860c8d17acafa441a2546c54c2a
SHA1

654e93f1eadda22cd4a6ef643f49daa5bcca3ef9
SHA256

c0315641a0cd272b6e01b850e116b54acf8ae5ffd61c26225fec739246d3b61c
SHA512

c1cd7826c2e0e4654c3fb17f534f826d13609dbbad33261e1f3877cd58f58f5a811bb75cd0d264cf769855a6468a9b550c0cd981a861f24bc2a78a83d0c462d2
SSDEEP

6144:J3we/dMGuaxGffrzMYGGP70k7OEDNfI4+L26LlvhiRHSjT0nt0YTEt6ZcoNsxGaS:JvuiS70k7OY6hvhmoIuYJNs

Score

10^/10

cybergate discovery persistence stealer trojan

Malware Config

Targets

- Target
  
  JaffaCakes118_18c6f860c8d17acafa441a2546c54c2a
- Size
  
  444KB
- MD5
  
  18c6f860c8d17acafa441a2546c54c2a
- SHA1
  
  654e93f1eadda22cd4a6ef643f49daa5bcca3ef9
- SHA256
  
  c0315641a0cd272b6e01b850e116b54acf8ae5ffd61c26225fec739246d3b61c
- SHA512
  
  c1cd7826c2e0e4654c3fb17f534f826d13609dbbad33261e1f3877cd58f58f5a811bb75cd0d264cf769855a6468a9b550c0cd981a861f24bc2a78a83d0c462d2
- SSDEEP
  
  6144:J3we/dMGuaxGffrzMYGGP70k7OEDNfI4+L26LlvhiRHSjT0nt0YTEt6ZcoNsxGaS:JvuiS70k7OY6hvhmoIuYJNs
Score

10^/10

cybergate discovery persistence stealer trojan
- CyberGate, Rebhip
  CyberGate is a lightweight remote administration tool with a wide array of functionalities.
  trojan stealer cybergate
- Cybergate family
  cybergate
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

cybergatediscoverypersistencestealertrojan

behavioral2

cybergatediscoverypersistencestealertrojan