General
-
Target
JaffaCakes118_0cfd51831bd21b8f24e23c44f53a5f50
-
Size
259KB
-
Sample
250220-t9bf6szjfw
-
MD5
0cfd51831bd21b8f24e23c44f53a5f50
-
SHA1
88396640c3019a7f7b9cc81c8d74896a270d0583
-
SHA256
839549059ae9be3a819d1fce0848963b6b6bd742dfb678feec0d0e4eb361f278
-
SHA512
84e65d9460cd023e2004ef59e5b21e531295b3ffb4652fdc5395bb4916871102770574ec78f6f039ca186d37dd817942472db5e43f1475f1c0829f994d4ea008
-
SSDEEP
6144:lmcD66RRjE5JGmrpQsK3RD2u270jupCJsA:AcD663RZ2zkPaA
Behavioral task
behavioral1
Sample
JaffaCakes118_0cfd51831bd21b8f24e23c44f53a5f50.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_0cfd51831bd21b8f24e23c44f53a5f50.exe
Resource
win10v2004-20250217-en
Malware Config
Extracted
cybergate
2.6
remote
uomoombra.no-ip.biz:7800
***MUTEX***
-
enable_keylogger
true
-
enable_message_box
false
-
ftp_directory
./logs/
-
ftp_interval
30
-
injected_process
explorer.exe
-
install_dir
install
-
install_file
winupdate.exe
-
install_flag
true
-
keylogger_enable_ftp
false
-
message_box_caption
texto da mensagem
-
message_box_title
título da mensagem
-
password
123
-
regkey_hkcu
HKCU
-
regkey_hklm
HKLM
Targets
-
-
Target
JaffaCakes118_0cfd51831bd21b8f24e23c44f53a5f50
-
Size
259KB
-
MD5
0cfd51831bd21b8f24e23c44f53a5f50
-
SHA1
88396640c3019a7f7b9cc81c8d74896a270d0583
-
SHA256
839549059ae9be3a819d1fce0848963b6b6bd742dfb678feec0d0e4eb361f278
-
SHA512
84e65d9460cd023e2004ef59e5b21e531295b3ffb4652fdc5395bb4916871102770574ec78f6f039ca186d37dd817942472db5e43f1475f1c0829f994d4ea008
-
SSDEEP
6144:lmcD66RRjE5JGmrpQsK3RD2u270jupCJsA:AcD663RZ2zkPaA
Score
1/10
-