Details
FileName
Malware Family CyberGate
Date Added 2016-05-25 03:00:04
MD5 1bba198c72ca3233bc5dadbe58c6b919
Sha256 7c3a087b6a5767df74c031e365c2bab16a47eebe5d6d31e95f29a80f98bd410a
C2 Data
FTPPassword +
CampaignID
Password abcd1234
USBSpread FALSE
FTPAddress ftp.server.com
InstallDir
Persistance TRUE
InstallMessageTitle t?tulo da mensagem
KeyloggerBackspace TRUE
HideFile TRUE
FTPDirectory ./logs/
Domain 127.0.0.1,
InstallFileName windows.exe
FTPPort 21
REGKeyHKCU HKCU
MessageBoxIcon 16
Port 422,
CyberGateVersion
StartupPolicies Policies
REGKeyHKLM HKLM
FTPUserName ftp_user
ChangeCreationDate FALSE
MeltFile FALSE
Mutex ***MUTEX***
KeyloggerEnableFTP FALSE
FTPInterval 30
InstallMessageBox texto da mensagem
InstallFlag TRUE
ActiveXStartup {O4BDDF1A-7R3T-BG66-5G8G-6G0EK20IPUOQ}
EnableMessageBox FALSE
ActivateKeylogger TRUE
MessageBoxButton 0
Virustotal

0 out of 0 AV Engines identified the sample as Malicious.

Virustotal Report

C2 Information
Domain FQDN IP Country Code
127.0.0.1 0