Details
FileName | |
---|---|
Malware Family | CyberGate |
Date Added | 2015-11-07 20:08:16 |
MD5 | 892aa01b969362d42ad9901f8f4023a0 |
Sha256 | 27edf12effb5e09984b7b925b07777380d75fe12d3d75b3d3bb8b460a88d1dff |
Robot | Robots lovingly delivered by robohash.org |
Advertising
Config Data
FTPPassword | + |
---|---|
CampaignID | vtima |
Password | 1234 |
USBSpread | FALSE |
FTPDirectory | ./logs/ |
FTPAddress | ftp.server.com |
InstallDir | install |
Persistance | FALSE |
InstallMessageTitle | Error |
KeyloggerBackspace | TRUE |
HideFile | FALSE |
Mutex | ***MUTEX*** |
Domain | 192.168.1.1,192.168.1.35, |
FTPPort | 21 |
REGKeyHKCU | HKCU |
MessageBoxIcon | 16 |
Port | 81,81, |
CyberGateVersion | |
StartupPolicies | Policies |
REGKeyHKLM | HKLM |
FTPUserName | ftp_user |
ChangeCreationDate | FALSE |
MeltFile | FALSE |
InstallFileName | server.exe |
KeyloggerEnableFTP | FALSE |
FTPInterval | 30 |
InstallMessageBox | Su version de Minecraft tiene un problema de compatibilidad |
InstallFlag | TRUE |
ActiveXStartup | {08B0E5JF-4FCB-11CF-AAA5-00401C6XX500} |
EnableMessageBox | TRUE |
ActivateKeylogger | TRUE |
MessageBoxButton | 0 |
Virustotal
51 out of 56 AV Engines identified the sample as Malicious.