Details
FileName | VirusShare_3f957a2dc400c5d228c1dec32b5665ee |
---|---|
Malware Family | CyberGate |
Date Added | 2015-03-23 20:29:25 |
MD5 | 3f957a2dc400c5d228c1dec32b5665ee |
Sha256 | 846f91454ead16ab0c96b9feba0805b73e5949648aad2c0a9fe0e17b4e4daa8a |
Robot | Robots lovingly delivered by robohash.org |
Advertising
Config Data
RegKeyHKLM | |
---|---|
FTPInterval | 30 |
InstallFileName | smss.exe |
CampaignID | kaki |
Domain | filas0.zapto.org, |
InstallMessageTitle | ttulodamensagem |
KeyLoggerEnableFTP | FALSE |
ActiveXStartup | {SWID8710-7SC0-G3T4-UVWB-KHO6VMY87GP6} |
FTPUserName | ftp_user |
Persistance | TRUE |
GoogleChromePasswords | NoLongerStored |
Password | 12345.0 |
Port | 82, |
USBSpread | FALSE |
Mutex | dll |
P2PSpread | |
InstallMessageBox | textodamensagem |
MessageBoxIcon | 16 |
ActivateKeylogger | TRUE |
StartupPolicies | Policies |
FTPAddress | ftp.server.com |
KeyloggerBackspace | FALSE |
ChangeCreationDate | TRUE |
InstallFlag | TRUE |
FTPPort | 21 |
CyberGateVersion | |
InstallDir | install |
FTPPassword | + |
MessageBoxButton | 0 |
MeltFile | FALSE |
RegKeyHKCU | |
FTPDirectory | ./logs/ |
HideFile | TRUE |
EnableMessageBox | FALSE |
Virustotal
0 out of 0 AV Engines identified the sample as Malicious.