Details
FileName | |
---|---|
Malware Family | CyberGate |
Date Added | 2016-01-30 03:00:03 |
MD5 | 246954ce41cb1652f582802caf2e8810 |
Sha256 | 16b57f022da03a4109f5c77f8cb14b2c00ded9983e7a7fb65d3d4c89e097767c |
Config Data
FTPPassword | + |
---|---|
CampaignID | Paloc |
Password | 123 |
USBSpread | FALSE |
FTPAddress | ftp.server.com |
InstallDir | Microsoft |
Persistance | TRUE |
InstallMessageTitle | Erro |
KeyloggerBackspace | FALSE |
HideFile | FALSE |
FTPDirectory | ./logs/ |
Domain | 141.255.156.162, |
InstallFileName | explorer.exe |
FTPPort | 21 |
REGKeyHKCU | Microsoft |
MessageBoxIcon | 64 |
Port | 2213, |
CyberGateVersion | |
StartupPolicies | Policies |
REGKeyHKLM | Windows |
FTPUserName | ftp_user |
ChangeCreationDate | FALSE |
MeltFile | TRUE |
Mutex | ***MUTEX*** |
KeyloggerEnableFTP | FALSE |
FTPInterval | 30 |
InstallMessageBox | O arquivo no foi encontrado(msscrv.dll) |
InstallFlag | TRUE |
ActiveXStartup | {6405V0K6-3H66-F8NE-234T-R1O8U1325774} |
EnableMessageBox | TRUE |
ActivateKeylogger | TRUE |
MessageBoxButton | 0 |
VirusTotal
48 out of 54 AV engines identified the sample as malicious.