Details
FileName | |
---|---|
Malware Family | CyberGate |
Date Added | 2016-01-30 03:00:03 |
MD5 | 8e9073b6c9c97201b62fd85fc6b752de |
Sha256 | 0c4abcefd59d0f2876b5ad60016ed7172cf7cfdde717b1cc5796ca3bbb0da54e |
Config Data
FTPPassword | + |
---|---|
CampaignID | vtima |
Password | 123 |
USBSpread | FALSE |
FTPAddress | ftp.server.com |
InstallDir | install |
Persistance | TRUE |
InstallMessageTitle | WarHax |
KeyloggerBackspace | TRUE |
HideFile | TRUE |
FTPDirectory | ./logs/ |
Domain | d4f4k.no-ip.org,d4f4k.no-ip.org,d4f4k.no-ip.org, |
InstallFileName | svchost.exe |
FTPPort | 21 |
REGKeyHKCU | System |
MessageBoxIcon | 16 |
Port | 4000,7000,25565, |
CyberGateVersion | |
StartupPolicies | Policies |
REGKeyHKLM | System |
FTPUserName | ftp_user |
ChangeCreationDate | TRUE |
MeltFile | FALSE |
Mutex | ***MUTEX*** |
KeyloggerEnableFTP | FALSE |
FTPInterval | 30 |
InstallMessageBox | Verso invalida, visite nosso site para a verso mais atualizada. |
InstallFlag | TRUE |
ActiveXStartup | {0OP852W8-HJ4C-D2WJ-J843-012804Y1KAD3} |
EnableMessageBox | TRUE |
ActivateKeylogger | TRUE |
MessageBoxButton | 0 |
VirusTotal
48 out of 55 AV engines identified the sample as malicious.