Details
FileName VirusShare_0c83af8102f81c1d4dcb2a8e3fca45cd
Malware Family CyberGate
Date Added 2015-03-23 20:29:25
MD5 0c83af8102f81c1d4dcb2a8e3fca45cd
Sha256 cda8fe3b90bda475f5b270abb9965761832e4f1f02840df8f6062639f78fe4ee
Config Data
RegKeyHKLM skype
FTPInterval 30
InstallFileName skypeupdate.exe
CampaignID remote
Domain tarsia6703.conds.com,
InstallMessageTitle CyberGate
KeyLoggerEnableFTP TRUE
ActiveXStartup {KJ6IOH8M-THH4-63GX-F74Y-5EN337338LY8}
FTPUserName u263185159.fffdata
Persistance FALSE
GoogleChromePasswords NoLongerStored
Password cybergate
Port 8080,
USBSpread 1000
Mutex 2T4F381OJ4K27D
P2PSpread
InstallMessageBox RemoteAdministrationanywhereintheworld.
MessageBoxIcon 16
ActivateKeylogger TRUE
StartupPolicies skype
FTPAddress ftp.sakura.3owl.com
KeyloggerBackspace TRUE
ChangeCreationDate FALSE
InstallFlag TRUE
FTPPort 21
CyberGateVersion
InstallDir skype
FTPPassword fffdata
MessageBoxButton 0
MeltFile TRUE
RegKeyHKCU skype
FTPDirectory ./
HideFile TRUE
EnableMessageBox FALSE
Virustotal

48 out of 53 AV Engines identified the sample as Malicious.
