Details
Malware Family CyberGate
Date Added Feb. 1, 2016, 9:47 p.m.
MD5 07095e1b17d506a4f628fa0e818de7d0
Sha256 e4c4931505aeed3a82181506d4243691020cb8ee1ee94f617c5495f2515344ef
Config Sections
MeltFile FALSE
InstallFlag TRUE
CampaignID vitima
FTPPassword
FTPDirectory ./
Mutex Pluguin
InstallDir Caixa Federal
FTPPort
EnableMessageBox TRUE
Password 123
FTPUserName
ActivateKeylogger TRUE
FTPAddress
REGKeyHKLM
MessageBoxButton 0
StartupPolicies
FTPInterval 30
InstallMessageTitle Erro dx9_43.dll
KeyloggerEnableFTP FALSE
MessageBoxIcon 16
Domain 127.0.0.1,127.0.0.1,127.0.0.1,
ActiveXStartup
InstallMessageBox No est instalado o directx em sua maquna pesquise em seu navegador para solues.
ChangeCreationDate FALSE
CyberGateVersion
Persistance TRUE
InstallFileName Boleto Juros
REGKeyHKCU
KeyloggerBackspace FALSE
HideFile FALSE
USBSpread 1000
Port 81,2017,2018,
VirusTotal

47 out of 55 AVs identified the sample as malicious

Virus Total Report

Domain Data
Domain IP Country Code
127.0.0.1 0
127.0.0.1 0
127.0.0.1 0
Yara Rules