Details
Field | Value |
---|---|
FileName | VirusShare_55a534841e61a14973ada03474267b56 |
Malware Family | CyberGate |
Date Added | 2015-03-23 20:29:25 |
MD5 | 55a534841e61a14973ada03474267b56 |
Sha256 | 062f2f0913c1d01a242a6fddfd3f2c412bc588c31ec381811e1443423697c333 |
Config Data
Key | Value |
---|---|
RegKeyHKLM | win32 |
FTPInterval | 30 |
InstallFileName | server.exe |
CampaignID | vtima |
Domain | loghd.ddns.com.br,loghd.ddns.com.br,loghd.ddns.com.br, |
InstallMessageTitle | Erro! |
KeyLoggerEnableFTP | FALSE |
ActiveXStartup | {08B0E5JF-4FCB-11CF-AAA5-00401C6XX500} |
FTPUserName | ftp_user |
Persistance | TRUE |
GoogleChromePasswords | NoLongerStored |
Password | lsl123 |
Port | 15963,888,2000, |
USBSpread | FALSE |
Mutex | ***MUTEX*** |
P2PSpread | |
InstallMessageBox | OWindowsnoconseguiencontraroarquivoxamp.dll |
MessageBoxIcon | 16 |
ActivateKeylogger | TRUE |
StartupPolicies | Policies |
FTPAddress | ftp.server.com |
KeyloggerBackspace | TRUE |
ChangeCreationDate | TRUE |
InstallFlag | TRUE |
FTPPort | 21 |
CyberGateVersion | |
InstallDir | install |
FTPPassword | + |
MessageBoxButton | 0 |
MeltFile | TRUE |
RegKeyHKCU | win32 |
FTPDirectory | ./logs/ |
HideFile | TRUE |
EnableMessageBox | TRUE |
Virustotal
49 out of 54 AV Engines identified the sample as Malicious.