Details
Malware Family CyberGate
Date Added May 25, 2016, 3 a.m.
MD5 83330cd2da1bba4a1e2d76a3fc5c60d4
Sha256 6a62fc5fe490f34ef51228096455a4282caa8c50668fd4b8efd503cecce3f5fa
Config Sections
MeltFile FALSE
InstallFlag TRUE
CampaignID test
FTPPassword +
FTPDirectory ./logs/
Mutex ***MUTEX***
InstallDir install
FTPPort 21
EnableMessageBox FALSE
Password abcd1234
FTPUserName ftp_user
ActivateKeylogger TRUE
FTPAddress ftp.server.com
REGKeyHKLM
MessageBoxButton 0
StartupPolicies
FTPInterval 30
InstallMessageTitle título da mensagem
KeyloggerEnableFTP FALSE
MessageBoxIcon 16
Domain mellina.no-ip.biz,
ActiveXStartup {F4088T60-38L8-XV5L-NR16-LNRO3D303452}
InstallMessageBox texto da mensagem
ChangeCreationDate FALSE
CyberGateVersion
Persistance TRUE
InstallFileName server.exe
REGKeyHKCU
KeyloggerBackspace TRUE
HideFile FALSE
USBSpread TRUE
Port 81,
VirusTotal

This hash does not exist in VirusTotal.

Domain Data
Domain IP Country Code
mellina.no-ip.biz 0
Geo Location
Yara Rules