Details
Field | Value |
---|---|
FileName | |
Malware Family | CyberGate |
Date Added | 2015-11-07 14:32:14 |
MD5 | a29799b9cb380736ced59949ab913e10 |
Sha256 | bdd159fbba0032b295fc4cd9b7242cd79be8c07378cf5f46df6e4b69c2cc060c |
Config Data
Key | Value |
---|---|
FTPPassword | + |
CampaignID | Buy |
Password | 123456 |
USBSpread | 1000 |
FTPDirectory | ./logs/ |
FTPAddress | ftp.server.com |
InstallDir | install |
Persistance | TRUE |
InstallMessageTitle | CyberGate |
KeyloggerBackspace | TRUE |
HideFile | TRUE |
Mutex | E3H70604F27QN2 |
Domain | peruxd.no-ip.biz, |
FTPPort | 21 |
REGKeyHKCU | HKCU |
MessageBoxIcon | 16 |
Port | 81, |
CyberGateVersion | |
StartupPolicies | Policies |
REGKeyHKLM | HKLM |
FTPUserName | ftp_user |
ChangeCreationDate | TRUE |
MeltFile | FALSE |
InstallFileName | server.exe |
KeyloggerEnableFTP | FALSE |
FTPInterval | 30 |
InstallMessageBox | Remote Administration anywhere in the world. |
InstallFlag | TRUE |
ActiveXStartup | {KVTC8U6E-45GE-TP12-0285-7P4S057EYUML} |
EnableMessageBox | FALSE |
ActivateKeylogger | TRUE |
MessageBoxButton | 0 |
VirusTotal
48 out of 51 AV Engines identified the sample as Malicious.