Details
Field | Value |
---|---|
FileName | VirusShare_c4268605d10ca8a851a9959303c87a6e |
Malware Family | CyberGate |
Date Added | 2015-03-23 20:29:25 |
MD5 | c4268605d10ca8a851a9959303c87a6e |
Sha256 | a1cda87f44d8cfb016fa381b11cdc0fbf2d993d0c370c5addaf5843d36976176 |
Config Data
Key | Value |
---|---|
RegKeyHKLM | Win32 |
FTPInterval | 30 |
InstallFileName | server.exe |
CampaignID | sex |
Domain | seuno-ip.no-ip.org, |
InstallMessageTitle | ttulodamensagem |
KeyLoggerEnableFTP | FALSE |
ActiveXStartup | {EW7RXU35-2JN2-1622-IFB6-0QAQ442SB21H} |
FTPUserName | ftp_user |
Persistance | TRUE |
GoogleChromePasswords | NoLongerStored |
Password | 123 |
Port | 2000, |
USBSpread | FALSE |
Mutex | ***MUTEX*** |
P2PSpread | |
InstallMessageBox | textodamensagem |
MessageBoxIcon | 16 |
ActivateKeylogger | TRUE |
StartupPolicies | Policies |
FTPAddress | ftp.server.com |
KeyloggerBackspace | TRUE |
ChangeCreationDate | TRUE |
InstallFlag | TRUE |
FTPPort | 21 |
CyberGateVersion | |
InstallDir | install |
FTPPassword | + |
MessageBoxButton | 3 |
MeltFile | TRUE |
RegKeyHKCU | Win32 |
FTPDirectory | ./logs/ |
HideFile | TRUE |
EnableMessageBox | TRUE |
VirusTotal
49 out of 53 AV engines identified the sample as malicious.