Details
FileName | |
---|---|
Malware Family | CyberGate |
Date Added | 2015-11-07 14:35:06 |
MD5 | 92b7092eef1b5787895e39eb3c7cc0da |
Sha256 | 146e97ac45c8a43c91b2538a72f1b31c5fda3b5f57468ce36eb7b272aea46257 |
Config Data
FTPPassword | + |
---|---|
CampaignID | Server |
Password | abcd1234 |
USBSpread | FALSE |
FTPDirectory | ./logs/ |
FTPAddress | ftp.server.com |
InstallDir | sysWOW |
Persistance | TRUE |
InstallMessageTitle | ttulo da mensagem |
KeyloggerBackspace | TRUE |
HideFile | TRUE |
Mutex | ***MUTEX*** |
Domain | stunning1.zapto.org, |
FTPPort | 21 |
REGKeyHKCU | HKCU |
MessageBoxIcon | 16 |
Port | 4444, |
CyberGateVersion | |
StartupPolicies | Policies |
REGKeyHKLM | HKLM |
FTPUserName | ftp_user |
ChangeCreationDate | FALSE |
MeltFile | FALSE |
InstallFileName | winhost.exe |
KeyloggerEnableFTP | FALSE |
FTPInterval | 30 |
InstallMessageBox | texto da mensagem |
InstallFlag | TRUE |
ActiveXStartup | {72S648NL-KQ8J-55IT-53AW-IXFWW428YJ08} |
EnableMessageBox | FALSE |
ActivateKeylogger | TRUE |
MessageBoxButton | 0 |
Virustotal
0 out of 0 AV Engines identified the sample as Malicious.