Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
JaffaCakes118_87551fdc01d8a046940bbde9bacf5254
-
Size
177KB
-
Sample
250323-sabgfsyjt3
-
MD5
87551fdc01d8a046940bbde9bacf5254
-
SHA1
8fa032df00002dedd72f36d5b34cd0d5ef558387
-
SHA256
f80dee509f2fb3f291660bd59f619b65a103d3b1fadc14de71e2d538340827ae
-
SHA512
09ec95e511ea55a0ac695d1459fc33be1771e4953cbfc83e11daef860c929ce8c8da52b929031f28a31f9813da4da38958e8fcf01b4e0d725044a941ebbea5b9
-
SSDEEP
3072:7iGl1it/5AJnVnn3t4yRlXANuGyO/5nQ/3v5TdhqXpPQe0rYpz7zmlfB:t4ABF94SpAuO/50BTnqPd0Mpz7q3
Malware Config
Extracted
cybergate
v1.04.8
Cyber
cybergateexample.no-ip.biz:100
52BE52107177O4
-
enable_keylogger
true
-
enable_message_box
true
-
ftp_directory
./logs/
-
ftp_interval
30
-
injected_process
explorer.exe
-
install_dir
WindowsUpdate
-
install_file
WindowsUpdate.DLL
-
install_flag
true
-
keylogger_enable_ftp
false
-
message_box_caption
Please Update your .NET Framework
-
message_box_title
Fatal Error
-
password
cybergate
-
regkey_hkcu
HKCU
-
regkey_hklm
HKLM
Targets
-
-
Target
JaffaCakes118_87551fdc01d8a046940bbde9bacf5254
-
Size
177KB
-
MD5
87551fdc01d8a046940bbde9bacf5254
-
SHA1
8fa032df00002dedd72f36d5b34cd0d5ef558387
-
SHA256
f80dee509f2fb3f291660bd59f619b65a103d3b1fadc14de71e2d538340827ae
-
SHA512
09ec95e511ea55a0ac695d1459fc33be1771e4953cbfc83e11daef860c929ce8c8da52b929031f28a31f9813da4da38958e8fcf01b4e0d725044a941ebbea5b9
-
SSDEEP
3072:7iGl1it/5AJnVnn3t4yRlXANuGyO/5nQ/3v5TdhqXpPQe0rYpz7zmlfB:t4ABF94SpAuO/50BTnqPd0Mpz7q3
Score1/10 -