Details
Malware Family PoisonIvy
Date Added March 23, 2015, 8:29 p.m.
MD5 536dd8359e2db7c8b11d1e9624751f53
Sha256 05a572cf11196b6f65a308d809ff33273c62eb2e7bd1191f44b1c911121c6297
Config Sections
EnableKeyLogger
InstallName
HKLMValue midouz
EnableHKLM 01
PersistentProxy
CampaignID iSlAm+MiDoUz
InjectExe
HijackProxy
InstallPath
InjectDefaultBrowser
EnableThreadPersistence
CopytoADS
EnableActiveX
Melt
Domains llegion.linkpc.net:3460|
Flag3
Mutex
Password admin
GroupID
ActiveXKey
VirusTotal

44 out of 52 AVs identified the sample as malicious

Virus Total Report

Domain Data
Domain IP Country Code
llegion.linkpc.net 41.200.189.13 DZ
Geo Location
Yara Rules