Details
FileName | VirusShare_3f22560ebac5fc58a7d281bdae160c9b |
---|---|
Malware Family | CyberGate |
Date Added | 2015-03-23 20:29:25 |
MD5 | 3f22560ebac5fc58a7d281bdae160c9b |
Sha256 | 3334a3b1bfa7c9dd6e251d251fd4afc6c18ab5af6c814120dc8d5778a71e9126 |
Config Data
RegKeyHKLM | services |
---|---|
FTPInterval | 30 |
InstallFileName | Windows.exe |
CampaignID | victaimas5 |
Domain | bombilla.zapto.org,denis77.zapto.org, |
InstallMessageTitle | CyberGate |
KeyLoggerEnableFTP | FALSE |
ActiveXStartup | {OIEO5B5Q-AX51-YB40-63UC-6U8FL56OY468} |
FTPUserName | ftp_user |
Persistance | TRUE |
GoogleChromePasswords | NoLongerStored |
Password | 1234 |
Port | 4665,4665, |
USBSpread | 1000 |
Mutex | 52O7R1UW5P4V0D |
P2PSpread | |
InstallMessageBox | RemoteAdministrationanywhereintheworld. |
MessageBoxIcon | 16 |
ActivateKeylogger | TRUE |
StartupPolicies | services |
FTPAddress | ftp.server.com |
KeyloggerBackspace | TRUE |
ChangeCreationDate | TRUE |
InstallFlag | TRUE |
FTPPort | 21 |
CyberGateVersion | |
InstallDir | Windows |
FTPPassword | + |
MessageBoxButton | 0 |
MeltFile | FALSE |
RegKeyHKCU | services |
FTPDirectory | ./logs/ |
HideFile | TRUE |
EnableMessageBox | FALSE |
Virustotal
0 out of 0 AV Engines identified the sample as Malicious.