Details
Malware Family AlienSpy
Date Added Jan. 7, 2016, 9:29 p.m.
MD5 144449c4315829ef7e7f2acc31d5b307
Sha256 66d76d5ef285368b56b75769318c2df50765ef27d5300c534bc6622b4b7103e9
Robot Robots lovingly delivered by robohash.org
Config Sections
PLUGIN_EXTENSION 2kvvI
NETWORK [{u'PORT': 7777, u'DNS': u'127.0.0.1'}, {u'PORT': 225, u'DNS': u'workshopjs.ddns.net'}]
DELAY_INSTALL 2
JAR_NAME KgtGp9P7N6M
JAR_FOLDER lBIL9aQm3p2
VBOX False
INSTALL True
JAR_EXTENSION fICbti
JRE_FOLDER fR1uSD
JAR_REGISTRY nd7JYYQDI9g
NICKNAME OCT 06
PLUGIN_FOLDER tRn6WYWcMzG
VMWARE False
DELAY_CONNECT 2
Advertising
VirusTotal

20 out of 53 AV's Identified the sample as Malicious

Virus Total Report

Domain Data
Domain IP Country Code
127.0.0.1 0
workshopjs.ddns.net 0.0.0.0 0
Geo Location
Yara Rules
Comments
comments powered by Disqus