Details
| Malware Family | CyberGate |
|---|---|
| Date Added | April 20, 2018, 6:37 a.m. |
| MD5 | b1730fff58fd04367cff9b39b2942d15 |
| Sha256 | a88ef0d1508e5e0aa159d7511a3e3151759e570bf365821a39b8bd6c8be77735 |
| Robot | Robots lovingly delivered by robohash.org |
Config Sections
| MeltFile | FALSE |
|---|---|
| InstallFlag | TRUE |
| CampaignID | 2Cheat |
| FTPPassword | |
| FTPDirectory | ./ |
| Mutex | WINRAR |
| InstallDir | Microsoft |
| FTPPort | |
| EnableMessageBox | FALSE |
| Password | 123 |
| FTPUserName | |
| ActivateKeylogger | TRUE |
| FTPAddress | |
| REGKeyHKLM | Avgnt |
| MessageBoxButton | 0 |
| StartupPolicies | Policies |
| FTPInterval | 30 |
| InstallMessageTitle | LAMMER |
| KeyloggerEnableFTP | FALSE |
| MessageBoxIcon | 16 |
| Domain | minhaconta.ddns.net, |
| ActiveXStartup | {28RVT45P-FM3F-477S-413I-E4K1RRLI25VE} |
| InstallMessageBox | VOC FOI HACKEADO ...SEU SISTEMA SER FORMATADO. |
| ChangeCreationDate | FALSE |
| CyberGateVersion | |
| Persistance | FALSE |
| InstallFileName | WINRAR.exe |
| REGKeyHKCU | Avirnt |
| KeyloggerBackspace | TRUE |
| HideFile | FALSE |
| USBSpread | 2000 |
| Port | 1177, |
Advertising
VirusTotal
This hash does not exist in virustotal
Domain Data
| Domain | IP | Country Code |
|---|---|---|
| minhaconta.ddns.net | 187.127.93.209 | BR |
Geo Location
Yara Rules
Comments