Details
Malware Family CyberGate
Date Added Feb. 8, 2018, 6:25 a.m.
MD5 74df61a1e4be828135644fbd30b884f8
Sha256 90ace82ef11daea3e1c940f96f8fdc27ceae51ccda31254c2fac3265b0898c6b
Robot Robots lovingly delivered by robohash.org
Config Sections
MeltFile FALSE
InstallFlag TRUE
CampaignID
FTPPassword +
FTPDirectory ./logs/
Mutex ***MUTEX***
InstallDir
FTPPort 21
EnableMessageBox FALSE
Password abcd1234
FTPUserName ftp_user
ActivateKeylogger TRUE
FTPAddress ftp.server.com
REGKeyHKLM
MessageBoxButton 0
StartupPolicies
FTPInterval 30
InstallMessageTitle Error
KeyloggerEnableFTP FALSE
MessageBoxIcon 16
Domain kamalos.no-ip.biz,
ActiveXStartup {218A3Q1V-M05N-O32L-4AM8-MA0JEIMDL4ML}
InstallMessageBox Please try again later.
ChangeCreationDate TRUE
CyberGateVersion
Persistance TRUE
InstallFileName Win_Xp.exe
REGKeyHKCU
KeyloggerBackspace TRUE
HideFile TRUE
USBSpread TRUE
Port 81,
Advertising
VirusTotal

This hash does not exist in virustotal

Domain Data
Domain IP Country Code
kamalos.no-ip.biz 0
Geo Location
Yara Rules
Comments
comments powered by Disqus