Details
FileName | |
---|---|
Malware Family | CyberGate |
Date Added | 2016-01-30 03:00:03 |
MD5 | add32b3f573b0b3e94e02639f10db508 |
Sha256 | 3114a5e305dc8463060aba564f315451decf7e13a7b9ce656b3e382a1061b462 |
Robot | Robots lovingly delivered by robohash.org |
Advertising
Config Data
FTPPassword | + |
---|---|
CampaignID | Pessoas |
Password | 123 |
USBSpread | FALSE |
FTPAddress | ftp.server.com |
InstallDir | Microsoft |
Persistance | TRUE |
InstallMessageTitle | Erro |
KeyloggerBackspace | FALSE |
HideFile | FALSE |
FTPDirectory | ./logs/ |
Domain | castelo.no-ip.org, |
InstallFileName | explorer.exe |
FTPPort | 21 |
REGKeyHKCU | Microsoft |
MessageBoxIcon | 16 |
Port | 2213, |
CyberGateVersion | |
StartupPolicies | Policies |
REGKeyHKLM | avast! antivirus |
FTPUserName | ftp_user |
ChangeCreationDate | FALSE |
MeltFile | FALSE |
Mutex | ***MUTEX*** |
KeyloggerEnableFTP | FALSE |
FTPInterval | 30 |
InstallMessageBox | No foi possvel executar o arquivo |
InstallFlag | TRUE |
ActiveXStartup | {K823E4TL-F543-NH21-VT6U-4OCYP3VL2LCF} |
EnableMessageBox | TRUE |
ActivateKeylogger | TRUE |
MessageBoxButton | 0 |
Virustotal
50 out of 54 AV Engines identified the sample as Malicious.