Details
FileName | |
---|---|
Malware Family | CyberGate |
Date Added | 2015-11-07 14:30:35 |
MD5 | 934b1a799a262bbc72836e1f2f7d1d30 |
Sha256 | a23a970d7b7ccd53ef094c03e6276ec979e3a0cc72dd3a5e894a62f77e3482f4 |
Robot | Robots lovingly delivered by robohash.org |
Advertising
Config Data
FTPPassword | + |
---|---|
CampaignID | Vaflis |
Password | 123456 |
USBSpread | 1000 |
FTPDirectory | ./logs/ |
FTPAddress | ftp.server.com |
InstallDir | install |
Persistance | FALSE |
InstallMessageTitle | Soft Ror |
KeyloggerBackspace | TRUE |
HideFile | FALSE |
Mutex | 0KYRNGIPE3AJ4C |
Domain | Waflis404.no-ip.biz, |
FTPPort | 21 |
REGKeyHKCU | |
MessageBoxIcon | 16 |
Port | 100, |
CyberGateVersion | |
StartupPolicies | |
REGKeyHKLM | |
FTPUserName | ftp_user |
ChangeCreationDate | FALSE |
MeltFile | FALSE |
InstallFileName | server.exe |
KeyloggerEnableFTP | FALSE |
FTPInterval | 30 |
InstallMessageBox | Error - Couldn see your ports at 100 |
InstallFlag | TRUE |
ActiveXStartup | |
EnableMessageBox | FALSE |
ActivateKeylogger | TRUE |
MessageBoxButton | 0 |
Virustotal
48 out of 51 AV Engines identified the sample as Malicious.