Details
Malware Family PoisonIvy
Date Added Nov. 7, 2015, 5:29 p.m.
MD5 866faa7b93addb18ec5e6351aaedfd50
Sha256 8715721cc279bf75af58c2dcef51190d120bb6e8f80e739f7c182b026bbdfc90
Config Sections
Enable KeyLogger 01
Enable ActiveX 01
HKLM Value explorer
Enable HKLM 01
Campaign ID serv
Domains dz-zed.no-ip.org:81|
ActiveX Key {321FAC56-6A32-EA60-3B19-FA78FDC8D7A0}
Password admin
VirusTotal

49 out of 52 AVs identified the sample as malicious

Virus Total Report

Domain Data
Domain IP Country Code
dz-zed.no-ip.org 0
Geo Location
Yara Rules