Details
Malware Family AlienSpy
Date Added Aug. 27, 2018, 6:25 a.m.
MD5 6c0504d9a2897add3ecbb7cab4dc1ce7
Sha256 5453ca2c570d8195b98fe59efb87e17c72a73690a38a1cd8ea53618d6e3182f4
Robot Robots lovingly delivered by robohash.org
Config Sections
PLUGIN_EXTENSION S9V0n
NETWORK [{u'PORT': 777, u'DNS': u'money12.from-ok.com'}]
DELAY_INSTALL 2
JAR_NAME BcD0FKRZ6lD
JAR_FOLDER 5hDtRaEbieJ
VBOX False
INSTALL True
JAR_EXTENSION 9vbVBY
JRE_FOLDER fjWZJ7
JAR_REGISTRY ufUDpvTWRZ1
NICKNAME JSocket
PLUGIN_FOLDER pDvfc6iLF2J
VMWARE False
DELAY_CONNECT 2
Advertising
VirusTotal

32 out of 58 AV's Identified the sample as Malicious

Virus Total Report

Domain Data
Domain IP Country Code
money12.from-ok.com 0
Geo Location
Yara Rules
Comments
comments powered by Disqus