Details
FileName | |
---|---|
Malware Family | CyberGate |
Date Added | 2015-11-07 20:06:20 |
MD5 | 9a15502f62ff537618841b4d4baafcf0 |
Sha256 | a17f37f45c7d83039af3ef7194d9811d11c5c67445646d7935fde512d8fa363b |
Robot | Robots lovingly delivered by robohash.org |
Advertising
Config Data
FTPPassword | + |
---|---|
CampaignID | remote |
Password | cybergate |
USBSpread | 1000 |
FTPDirectory | ./logs/ |
FTPAddress | ftp.server.com |
InstallDir | drivers |
Persistance | TRUE |
InstallMessageTitle | CyberGate |
KeyloggerBackspace | TRUE |
HideFile | FALSE |
Mutex | 128FLT7F2312RP |
Domain | 27.4.145.129, |
FTPPort | 21 |
REGKeyHKCU | |
MessageBoxIcon | 16 |
Port | 2202, |
CyberGateVersion | |
StartupPolicies | Policies |
REGKeyHKLM | |
FTPUserName | ftp_user |
ChangeCreationDate | FALSE |
MeltFile | FALSE |
InstallFileName | svchost.exe |
KeyloggerEnableFTP | FALSE |
FTPInterval | 30 |
InstallMessageBox | file not found |
InstallFlag | TRUE |
ActiveXStartup | {76C37DY3-UB20-FDMN-421M-SK77P34TTC66} |
EnableMessageBox | TRUE |
ActivateKeylogger | TRUE |
MessageBoxButton | 0 |
Virustotal
0 out of 0 AV Engines identified the sample as Malicious.