General
-
Target
1bdc0e06ca4527f248b210fbd9a9c247_JaffaCakes118
-
Size
436KB
-
Sample
240701-vx44dstfpr
-
MD5
1bdc0e06ca4527f248b210fbd9a9c247
-
SHA1
86f5d92f5aa9a9fba64808ba6de23046eb97c3de
-
SHA256
af8da245a494815ed54369f2fb38bf3575b74251da28f3a2c98a30ccabf9ac3c
-
SHA512
ea81b5178619d9e97bee66fa8c401e568c4852be5e98758c4d468bda0c872e405e957b678fae70938397002862434a1e35e93456b8b7be8a9e54e71053c88774
-
SSDEEP
6144:ImcD66R0R5JGmrpQsK3RD2u270jupCJsCxC4EAqdSuvE+0gPCuB:BcD66HZ2zkPaCxUSuBTL
Behavioral task
behavioral1
Sample
1bdc0e06ca4527f248b210fbd9a9c247_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
cybergate
2.6
Server
momohe.no-ip.biz:288
***MUTEX***
-
enable_keylogger
true
-
enable_message_box
false
-
ftp_directory
./logs/
-
ftp_interval
30
-
injected_process
explorer.exe
-
install_dir
spynet
-
install_file
server.exe
-
install_flag
true
-
keylogger_enable_ftp
false
-
message_box_caption
texto da mensagem
-
message_box_title
título da mensagem
-
password
abcd1234
-
regkey_hkcu
HKCU
-
regkey_hklm
HKLM
Targets
-
-
Target
1bdc0e06ca4527f248b210fbd9a9c247_JaffaCakes118
-
Size
436KB
-
MD5
1bdc0e06ca4527f248b210fbd9a9c247
-
SHA1
86f5d92f5aa9a9fba64808ba6de23046eb97c3de
-
SHA256
af8da245a494815ed54369f2fb38bf3575b74251da28f3a2c98a30ccabf9ac3c
-
SHA512
ea81b5178619d9e97bee66fa8c401e568c4852be5e98758c4d468bda0c872e405e957b678fae70938397002862434a1e35e93456b8b7be8a9e54e71053c88774
-
SSDEEP
6144:ImcD66R0R5JGmrpQsK3RD2u270jupCJsCxC4EAqdSuvE+0gPCuB:BcD66HZ2zkPaCxUSuBTL
-