Malware Family | CyberGate |
---|---|
Date Added | May 25, 2016, 3 a.m. |
MD5 | 5012d12f862e0db19609a893973137db |
Sha256 | a548c83fa39bc0459b054da555679fce4f14ab26585ea6830fa3ebcc2af35a8f |
Robot | Robots lovingly delivered by robohash.org |
MeltFile | FALSE |
---|---|
InstallFlag | TRUE |
CampaignID | Infected |
FTPPassword | + |
FTPDirectory | ./logs/ |
Mutex | ***MUTEX*** |
InstallDir | Microsoft |
FTPPort | 21 |
EnableMessageBox | FALSE |
Password | lol |
FTPUserName | ftp_user |
ActivateKeylogger | TRUE |
FTPAddress | ftp.server.com |
REGKeyHKLM | HKLM |
MessageBoxButton | 0 |
StartupPolicies | Policies |
FTPInterval | 30 |
InstallMessageTitle | ttulo da mensagem |
KeyloggerEnableFTP | FALSE |
MessageBoxIcon | 16 |
Domain | rsdoverbaby.no-ip.biz, |
ActiveXStartup | {MRP135EW-T6KC-Y0R0-J718-YC1V876F6INI} |
InstallMessageBox | texto da mensagem |
ChangeCreationDate | TRUE |
CyberGateVersion | |
Persistance | TRUE |
InstallFileName | FireFox.exe |
REGKeyHKCU | HKCU |
KeyloggerBackspace | TRUE |
HideFile | TRUE |
USBSpread | TRUE |
Port | 82, |
This hash does not exist in virustotal
Domain | IP | Country Code |
---|---|---|
rsdoverbaby.no-ip.biz | 0 |