General
-
Target
JaffaCakes118_3b22c347e8c1768ca8885ca1190bc64c
-
Size
756KB
-
Sample
250127-cra91swraq
-
MD5
3b22c347e8c1768ca8885ca1190bc64c
-
SHA1
1e1462e3d1608638143d3cd8cdc222300f1c0d53
-
SHA256
44ffe721764d8ea47e2f923252b954f1a96fa5f5c110fd8dd50c92ea8ce2d76c
-
SHA512
852c29168f5ae2f23b45d7eae7ce2db2ab10eef274e9a5e07034430aeb1c504546fe0555e24de1cd691a959cf03222cb5ea512d2ba9568b7d2655e75e0ba3c8c
-
SSDEEP
12288:4eyw32V3pZUK0aFc3f+uRaJlCVCRiNP5KQKXehFzfD8oJQpCBG2W3MVLu9:/+V3pZUK0mDSavACRiNPoI74xEmcLu9
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_3b22c347e8c1768ca8885ca1190bc64c.exe
Resource
win7-20240729-en
Malware Config
Targets
-
Cybergate family
-
Adds policy Run key to start application
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Executes dropped EXE
-
Loads dropped DLL
-
Molebox Virtualization software
Detects file using Molebox Virtualization software.
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-